xref: /openbmc/linux/arch/powerpc/xmon/xmon.c (revision 72ed5d5624af384eaf74d84915810d54486a75e2)
1 // SPDX-License-Identifier: GPL-2.0-or-later
2 /*
3  * Routines providing a simple monitor for use on the PowerMac.
4  *
5  * Copyright (C) 1996-2005 Paul Mackerras.
6  * Copyright (C) 2001 PPC64 Team, IBM Corp
7  * Copyrignt (C) 2006 Michael Ellerman, IBM Corp
8  */
9 
10 #include <linux/kernel.h>
11 #include <linux/errno.h>
12 #include <linux/sched/signal.h>
13 #include <linux/smp.h>
14 #include <linux/mm.h>
15 #include <linux/reboot.h>
16 #include <linux/delay.h>
17 #include <linux/kallsyms.h>
18 #include <linux/kmsg_dump.h>
19 #include <linux/cpumask.h>
20 #include <linux/export.h>
21 #include <linux/sysrq.h>
22 #include <linux/interrupt.h>
23 #include <linux/irq.h>
24 #include <linux/bug.h>
25 #include <linux/nmi.h>
26 #include <linux/ctype.h>
27 #include <linux/highmem.h>
28 #include <linux/security.h>
29 #include <linux/debugfs.h>
30 
31 #include <asm/ptrace.h>
32 #include <asm/smp.h>
33 #include <asm/string.h>
34 #include <asm/machdep.h>
35 #include <asm/xmon.h>
36 #include <asm/processor.h>
37 #include <asm/mmu.h>
38 #include <asm/mmu_context.h>
39 #include <asm/plpar_wrappers.h>
40 #include <asm/cputable.h>
41 #include <asm/rtas.h>
42 #include <asm/sstep.h>
43 #include <asm/irq_regs.h>
44 #include <asm/spu.h>
45 #include <asm/spu_priv1.h>
46 #include <asm/setjmp.h>
47 #include <asm/reg.h>
48 #include <asm/debug.h>
49 #include <asm/hw_breakpoint.h>
50 #include <asm/xive.h>
51 #include <asm/opal.h>
52 #include <asm/firmware.h>
53 #include <asm/code-patching.h>
54 #include <asm/sections.h>
55 #include <asm/inst.h>
56 #include <asm/interrupt.h>
57 
58 #ifdef CONFIG_PPC64
59 #include <asm/hvcall.h>
60 #include <asm/paca.h>
61 #endif
62 
63 #include "nonstdio.h"
64 #include "dis-asm.h"
65 #include "xmon_bpts.h"
66 
67 #ifdef CONFIG_SMP
68 static cpumask_t cpus_in_xmon = CPU_MASK_NONE;
69 static unsigned long xmon_taken = 1;
70 static int xmon_owner;
71 static int xmon_gate;
72 static int xmon_batch;
73 static unsigned long xmon_batch_start_cpu;
74 static cpumask_t xmon_batch_cpus = CPU_MASK_NONE;
75 #else
76 #define xmon_owner 0
77 #endif /* CONFIG_SMP */
78 
79 #ifdef CONFIG_PPC_PSERIES
80 static int set_indicator_token = RTAS_UNKNOWN_SERVICE;
81 #endif
82 static unsigned long in_xmon __read_mostly = 0;
83 static int xmon_on = IS_ENABLED(CONFIG_XMON_DEFAULT);
84 static bool xmon_is_ro = IS_ENABLED(CONFIG_XMON_DEFAULT_RO_MODE);
85 
86 static unsigned long adrs;
87 static int size = 1;
88 #define MAX_DUMP (64 * 1024)
89 static unsigned long ndump = 64;
90 #define MAX_IDUMP (MAX_DUMP >> 2)
91 static unsigned long nidump = 16;
92 static unsigned long ncsum = 4096;
93 static int termch;
94 static char tmpstr[128];
95 static int tracing_enabled;
96 
97 static long bus_error_jmp[JMP_BUF_LEN];
98 static int catch_memory_errors;
99 static int catch_spr_faults;
100 static long *xmon_fault_jmp[NR_CPUS];
101 
102 /* Breakpoint stuff */
103 struct bpt {
104 	unsigned long	address;
105 	u32		*instr;
106 	atomic_t	ref_count;
107 	int		enabled;
108 	unsigned long	pad;
109 };
110 
111 /* Bits in bpt.enabled */
112 #define BP_CIABR	1
113 #define BP_TRAP		2
114 #define BP_DABR		4
115 
116 static struct bpt bpts[NBPTS];
117 static struct bpt dabr[HBP_NUM_MAX];
118 static struct bpt *iabr;
119 static unsigned int bpinstr = PPC_RAW_TRAP();
120 
121 #define BP_NUM(bp)	((bp) - bpts + 1)
122 
123 /* Prototypes */
124 static int cmds(struct pt_regs *);
125 static int mread(unsigned long, void *, int);
126 static int mwrite(unsigned long, void *, int);
127 static int mread_instr(unsigned long, ppc_inst_t *);
128 static int handle_fault(struct pt_regs *);
129 static void byterev(unsigned char *, int);
130 static void memex(void);
131 static int bsesc(void);
132 static void dump(void);
133 static void show_pte(unsigned long);
134 static void prdump(unsigned long, long);
135 static int ppc_inst_dump(unsigned long, long, int);
136 static void dump_log_buf(void);
137 
138 #ifdef CONFIG_SMP
139 static int xmon_switch_cpu(unsigned long);
140 static int xmon_batch_next_cpu(void);
141 static int batch_cmds(struct pt_regs *);
142 #endif
143 
144 #ifdef CONFIG_PPC_POWERNV
145 static void dump_opal_msglog(void);
146 #else
147 static inline void dump_opal_msglog(void)
148 {
149 	printf("Machine is not running OPAL firmware.\n");
150 }
151 #endif
152 
153 static void backtrace(struct pt_regs *);
154 static void excprint(struct pt_regs *);
155 static void prregs(struct pt_regs *);
156 static void memops(int);
157 static void memlocate(void);
158 static void memzcan(void);
159 static void memdiffs(unsigned char *, unsigned char *, unsigned, unsigned);
160 int skipbl(void);
161 int scanhex(unsigned long *valp);
162 static void scannl(void);
163 static int hexdigit(int);
164 void getstring(char *, int);
165 static void flush_input(void);
166 static int inchar(void);
167 static void take_input(char *);
168 static int  read_spr(int, unsigned long *);
169 static void write_spr(int, unsigned long);
170 static void super_regs(void);
171 static void remove_bpts(void);
172 static void insert_bpts(void);
173 static void remove_cpu_bpts(void);
174 static void insert_cpu_bpts(void);
175 static struct bpt *at_breakpoint(unsigned long pc);
176 static struct bpt *in_breakpoint_table(unsigned long pc, unsigned long *offp);
177 static int  do_step(struct pt_regs *);
178 static void bpt_cmds(void);
179 static void cacheflush(void);
180 static int  cpu_cmd(void);
181 static void csum(void);
182 static void bootcmds(void);
183 static void proccall(void);
184 static void show_tasks(void);
185 void dump_segments(void);
186 static void symbol_lookup(void);
187 static void xmon_show_stack(unsigned long sp, unsigned long lr,
188 			    unsigned long pc);
189 static void xmon_print_symbol(unsigned long address, const char *mid,
190 			      const char *after);
191 static const char *getvecname(unsigned long vec);
192 
193 static int do_spu_cmd(void);
194 
195 #ifdef CONFIG_44x
196 static void dump_tlb_44x(void);
197 #endif
198 #ifdef CONFIG_PPC_BOOK3E_64
199 static void dump_tlb_book3e(void);
200 #endif
201 
202 static void clear_all_bpt(void);
203 
204 #ifdef CONFIG_PPC64
205 #define REG		"%.16lx"
206 #else
207 #define REG		"%.8lx"
208 #endif
209 
210 #ifdef __LITTLE_ENDIAN__
211 #define GETWORD(v)	(((v)[3] << 24) + ((v)[2] << 16) + ((v)[1] << 8) + (v)[0])
212 #else
213 #define GETWORD(v)	(((v)[0] << 24) + ((v)[1] << 16) + ((v)[2] << 8) + (v)[3])
214 #endif
215 
216 static const char *xmon_ro_msg = "Operation disabled: xmon in read-only mode\n";
217 
218 static char *help_string = "\
219 Commands:\n\
220   b	show breakpoints\n\
221   bd	set data breakpoint\n\
222   bi	set instruction breakpoint\n\
223   bc	clear breakpoint\n"
224 #ifdef CONFIG_SMP
225   "\
226   c	print cpus stopped in xmon\n\
227   c#	try to switch to cpu number h (in hex)\n\
228   c# $	run command '$' (one of 'r','S' or 't') on all cpus in xmon\n"
229 #endif
230   "\
231   C	checksum\n\
232   d	dump bytes\n\
233   d1	dump 1 byte values\n\
234   d2	dump 2 byte values\n\
235   d4	dump 4 byte values\n\
236   d8	dump 8 byte values\n\
237   di	dump instructions\n\
238   df	dump float values\n\
239   dd	dump double values\n\
240   dl    dump the kernel log buffer\n"
241 #ifdef CONFIG_PPC_POWERNV
242   "\
243   do    dump the OPAL message log\n"
244 #endif
245 #ifdef CONFIG_PPC64
246   "\
247   dp[#]	dump paca for current cpu, or cpu #\n\
248   dpa	dump paca for all possible cpus\n"
249 #endif
250   "\
251   dr	dump stream of raw bytes\n\
252   dv	dump virtual address translation \n\
253   dt	dump the tracing buffers (uses printk)\n\
254   dtc	dump the tracing buffers for current CPU (uses printk)\n\
255 "
256 #ifdef CONFIG_PPC_POWERNV
257 "  dx#   dump xive on CPU #\n\
258   dxi#  dump xive irq state #\n\
259   dxa   dump xive on all CPUs\n"
260 #endif
261 "  e	print exception information\n\
262   f	flush cache\n\
263   la	lookup symbol+offset of specified address\n\
264   ls	lookup address of specified symbol\n\
265   lp s [#]	lookup address of percpu symbol s for current cpu, or cpu #\n\
266   m	examine/change memory\n\
267   mm	move a block of memory\n\
268   ms	set a block of memory\n\
269   md	compare two blocks of memory\n\
270   ml	locate a block of memory\n\
271   mz	zero a block of memory\n\
272   mi	show information about memory allocation\n\
273   p 	call a procedure\n\
274   P 	list processes/tasks\n\
275   r	print registers\n\
276   s	single step\n"
277 #ifdef CONFIG_SPU_BASE
278 "  ss	stop execution on all spus\n\
279   sr	restore execution on stopped spus\n\
280   sf  #	dump spu fields for spu # (in hex)\n\
281   sd  #	dump spu local store for spu # (in hex)\n\
282   sdi #	disassemble spu local store for spu # (in hex)\n"
283 #endif
284 "  S	print special registers\n\
285   Sa    print all SPRs\n\
286   Sr #	read SPR #\n\
287   Sw #v write v to SPR #\n\
288   t	print backtrace\n\
289   x	exit monitor and recover\n\
290   X	exit monitor and don't recover\n"
291 #if defined(CONFIG_PPC_BOOK3S_64)
292 "  u	dump segment table or SLB\n"
293 #elif defined(CONFIG_PPC_BOOK3S_32)
294 "  u	dump segment registers\n"
295 #elif defined(CONFIG_44x) || defined(CONFIG_PPC_BOOK3E_64)
296 "  u	dump TLB\n"
297 #endif
298 "  U	show uptime information\n"
299 "  ?	help\n"
300 "  # n	limit output to n lines per page (for dp, dpa, dl)\n"
301 "  zr	reboot\n"
302 "  zh	halt\n"
303 ;
304 
305 #ifdef CONFIG_SECURITY
306 static bool xmon_is_locked_down(void)
307 {
308 	static bool lockdown;
309 
310 	if (!lockdown) {
311 		lockdown = !!security_locked_down(LOCKDOWN_XMON_RW);
312 		if (lockdown) {
313 			printf("xmon: Disabled due to kernel lockdown\n");
314 			xmon_is_ro = true;
315 		}
316 	}
317 
318 	if (!xmon_is_ro) {
319 		xmon_is_ro = !!security_locked_down(LOCKDOWN_XMON_WR);
320 		if (xmon_is_ro)
321 			printf("xmon: Read-only due to kernel lockdown\n");
322 	}
323 
324 	return lockdown;
325 }
326 #else /* CONFIG_SECURITY */
327 static inline bool xmon_is_locked_down(void)
328 {
329 	return false;
330 }
331 #endif
332 
333 static struct pt_regs *xmon_regs;
334 
335 static inline void sync(void)
336 {
337 	asm volatile("sync; isync");
338 }
339 
340 static inline void cflush(void *p)
341 {
342 	asm volatile ("dcbf 0,%0; icbi 0,%0" : : "r" (p));
343 }
344 
345 static inline void cinval(void *p)
346 {
347 	asm volatile ("dcbi 0,%0; icbi 0,%0" : : "r" (p));
348 }
349 
350 /**
351  * write_ciabr() - write the CIABR SPR
352  * @ciabr:	The value to write.
353  *
354  * This function writes a value to the CIARB register either directly
355  * through mtspr instruction if the kernel is in HV privilege mode or
356  * call a hypervisor function to achieve the same in case the kernel
357  * is in supervisor privilege mode.
358  */
359 static void write_ciabr(unsigned long ciabr)
360 {
361 	if (!cpu_has_feature(CPU_FTR_ARCH_207S))
362 		return;
363 
364 	if (cpu_has_feature(CPU_FTR_HVMODE)) {
365 		mtspr(SPRN_CIABR, ciabr);
366 		return;
367 	}
368 	plpar_set_ciabr(ciabr);
369 }
370 
371 /**
372  * set_ciabr() - set the CIABR
373  * @addr:	The value to set.
374  *
375  * This function sets the correct privilege value into the HW
376  * breakpoint address before writing it up in the CIABR register.
377  */
378 static void set_ciabr(unsigned long addr)
379 {
380 	addr &= ~CIABR_PRIV;
381 
382 	if (cpu_has_feature(CPU_FTR_HVMODE))
383 		addr |= CIABR_PRIV_HYPER;
384 	else
385 		addr |= CIABR_PRIV_SUPER;
386 	write_ciabr(addr);
387 }
388 
389 /*
390  * Disable surveillance (the service processor watchdog function)
391  * while we are in xmon.
392  * XXX we should re-enable it when we leave. :)
393  */
394 #define SURVEILLANCE_TOKEN	9000
395 
396 static inline void disable_surveillance(void)
397 {
398 #ifdef CONFIG_PPC_PSERIES
399 	/* Since this can't be a module, args should end up below 4GB. */
400 	static struct rtas_args args;
401 
402 	/*
403 	 * At this point we have got all the cpus we can into
404 	 * xmon, so there is hopefully no other cpu calling RTAS
405 	 * at the moment, even though we don't take rtas.lock.
406 	 * If we did try to take rtas.lock there would be a
407 	 * real possibility of deadlock.
408 	 */
409 	if (set_indicator_token == RTAS_UNKNOWN_SERVICE)
410 		return;
411 
412 	rtas_call_unlocked(&args, set_indicator_token, 3, 1, NULL,
413 			   SURVEILLANCE_TOKEN, 0, 0);
414 
415 #endif /* CONFIG_PPC_PSERIES */
416 }
417 
418 #ifdef CONFIG_SMP
419 static int xmon_speaker;
420 
421 static void get_output_lock(void)
422 {
423 	int me = smp_processor_id() + 0x100;
424 	int last_speaker = 0, prev;
425 	long timeout;
426 
427 	if (xmon_speaker == me)
428 		return;
429 
430 	for (;;) {
431 		last_speaker = cmpxchg(&xmon_speaker, 0, me);
432 		if (last_speaker == 0)
433 			return;
434 
435 		/*
436 		 * Wait a full second for the lock, we might be on a slow
437 		 * console, but check every 100us.
438 		 */
439 		timeout = 10000;
440 		while (xmon_speaker == last_speaker) {
441 			if (--timeout > 0) {
442 				udelay(100);
443 				continue;
444 			}
445 
446 			/* hostile takeover */
447 			prev = cmpxchg(&xmon_speaker, last_speaker, me);
448 			if (prev == last_speaker)
449 				return;
450 			break;
451 		}
452 	}
453 }
454 
455 static void release_output_lock(void)
456 {
457 	xmon_speaker = 0;
458 }
459 
460 int cpus_are_in_xmon(void)
461 {
462 	return !cpumask_empty(&cpus_in_xmon);
463 }
464 
465 static bool wait_for_other_cpus(int ncpus)
466 {
467 	unsigned long timeout;
468 
469 	/* We wait for 2s, which is a metric "little while" */
470 	for (timeout = 20000; timeout != 0; --timeout) {
471 		if (cpumask_weight(&cpus_in_xmon) >= ncpus)
472 			return true;
473 		udelay(100);
474 		barrier();
475 	}
476 
477 	return false;
478 }
479 #else /* CONFIG_SMP */
480 static inline void get_output_lock(void) {}
481 static inline void release_output_lock(void) {}
482 #endif
483 
484 static void xmon_touch_watchdogs(void)
485 {
486 	touch_softlockup_watchdog_sync();
487 	rcu_cpu_stall_reset();
488 	touch_nmi_watchdog();
489 }
490 
491 static int xmon_core(struct pt_regs *regs, volatile int fromipi)
492 {
493 	volatile int cmd = 0;
494 	struct bpt *volatile bp;
495 	long recurse_jmp[JMP_BUF_LEN];
496 	bool locked_down;
497 	unsigned long offset;
498 	unsigned long flags;
499 #ifdef CONFIG_SMP
500 	int cpu;
501 	int secondary;
502 #endif
503 
504 	local_irq_save(flags);
505 	hard_irq_disable();
506 
507 	locked_down = xmon_is_locked_down();
508 
509 	if (!fromipi) {
510 		tracing_enabled = tracing_is_on();
511 		tracing_off();
512 	}
513 
514 	bp = in_breakpoint_table(regs->nip, &offset);
515 	if (bp != NULL) {
516 		regs_set_return_ip(regs, bp->address + offset);
517 		atomic_dec(&bp->ref_count);
518 	}
519 
520 	remove_cpu_bpts();
521 
522 #ifdef CONFIG_SMP
523 	cpu = smp_processor_id();
524 	if (cpumask_test_cpu(cpu, &cpus_in_xmon)) {
525 		/*
526 		 * We catch SPR read/write faults here because the 0x700, 0xf60
527 		 * etc. handlers don't call debugger_fault_handler().
528 		 */
529 		if (catch_spr_faults)
530 			longjmp(bus_error_jmp, 1);
531 		get_output_lock();
532 		excprint(regs);
533 		printf("cpu 0x%x: Exception %lx %s in xmon, "
534 		       "returning to main loop\n",
535 		       cpu, regs->trap, getvecname(TRAP(regs)));
536 		release_output_lock();
537 		longjmp(xmon_fault_jmp[cpu], 1);
538 	}
539 
540 	if (setjmp(recurse_jmp) != 0) {
541 		if (!in_xmon || !xmon_gate) {
542 			get_output_lock();
543 			printf("xmon: WARNING: bad recursive fault "
544 			       "on cpu 0x%x\n", cpu);
545 			release_output_lock();
546 			goto waiting;
547 		}
548 		secondary = !(xmon_taken && cpu == xmon_owner);
549 		goto cmdloop;
550 	}
551 
552 	xmon_fault_jmp[cpu] = recurse_jmp;
553 
554 	bp = NULL;
555 	if ((regs->msr & (MSR_IR|MSR_PR|MSR_64BIT)) == (MSR_IR|MSR_64BIT))
556 		bp = at_breakpoint(regs->nip);
557 	if (bp || regs_is_unrecoverable(regs))
558 		fromipi = 0;
559 
560 	if (!fromipi) {
561 		get_output_lock();
562 		if (!locked_down)
563 			excprint(regs);
564 		if (bp) {
565 			printf("cpu 0x%x stopped at breakpoint 0x%tx (",
566 			       cpu, BP_NUM(bp));
567 			xmon_print_symbol(regs->nip, " ", ")\n");
568 		}
569 		if (regs_is_unrecoverable(regs))
570 			printf("WARNING: exception is not recoverable, "
571 			       "can't continue\n");
572 		release_output_lock();
573 	}
574 
575 	cpumask_set_cpu(cpu, &cpus_in_xmon);
576 
577  waiting:
578 	secondary = 1;
579 	spin_begin();
580 	while (secondary && !xmon_gate) {
581 		if (in_xmon == 0) {
582 			if (fromipi) {
583 				spin_end();
584 				goto leave;
585 			}
586 			secondary = test_and_set_bit(0, &in_xmon);
587 		}
588 		spin_cpu_relax();
589 		touch_nmi_watchdog();
590 	}
591 	spin_end();
592 
593 	if (!secondary && !xmon_gate) {
594 		/* we are the first cpu to come in */
595 		/* interrupt other cpu(s) */
596 		int ncpus = num_online_cpus();
597 
598 		xmon_owner = cpu;
599 		mb();
600 		if (ncpus > 1) {
601 			/*
602 			 * A system reset (trap == 0x100) can be triggered on
603 			 * all CPUs, so when we come in via 0x100 try waiting
604 			 * for the other CPUs to come in before we send the
605 			 * debugger break (IPI). This is similar to
606 			 * crash_kexec_secondary().
607 			 */
608 			if (TRAP(regs) !=  INTERRUPT_SYSTEM_RESET || !wait_for_other_cpus(ncpus))
609 				smp_send_debugger_break();
610 
611 			wait_for_other_cpus(ncpus);
612 		}
613 		remove_bpts();
614 		disable_surveillance();
615 
616 		if (!locked_down) {
617 			/* for breakpoint or single step, print curr insn */
618 			if (bp || TRAP(regs) == INTERRUPT_TRACE)
619 				ppc_inst_dump(regs->nip, 1, 0);
620 			printf("enter ? for help\n");
621 		}
622 
623 		mb();
624 		xmon_gate = 1;
625 		barrier();
626 		touch_nmi_watchdog();
627 	}
628 
629  cmdloop:
630 	while (in_xmon) {
631 		if (secondary) {
632 			spin_begin();
633 			if (cpu == xmon_owner) {
634 				if (!test_and_set_bit(0, &xmon_taken)) {
635 					secondary = 0;
636 					spin_end();
637 					continue;
638 				}
639 				/* missed it */
640 				while (cpu == xmon_owner)
641 					spin_cpu_relax();
642 			}
643 			spin_cpu_relax();
644 			touch_nmi_watchdog();
645 		} else {
646 			cmd = 1;
647 #ifdef CONFIG_SMP
648 			if (xmon_batch)
649 				cmd = batch_cmds(regs);
650 #endif
651 			if (!locked_down && cmd)
652 				cmd = cmds(regs);
653 			if (locked_down || cmd != 0) {
654 				/* exiting xmon */
655 				insert_bpts();
656 				xmon_gate = 0;
657 				wmb();
658 				in_xmon = 0;
659 				break;
660 			}
661 			/* have switched to some other cpu */
662 			secondary = 1;
663 		}
664 	}
665  leave:
666 	cpumask_clear_cpu(cpu, &cpus_in_xmon);
667 	xmon_fault_jmp[cpu] = NULL;
668 #else
669 	/* UP is simple... */
670 	if (in_xmon) {
671 		printf("Exception %lx %s in xmon, returning to main loop\n",
672 		       regs->trap, getvecname(TRAP(regs)));
673 		longjmp(xmon_fault_jmp[0], 1);
674 	}
675 	if (setjmp(recurse_jmp) == 0) {
676 		xmon_fault_jmp[0] = recurse_jmp;
677 		in_xmon = 1;
678 
679 		excprint(regs);
680 		bp = at_breakpoint(regs->nip);
681 		if (bp) {
682 			printf("Stopped at breakpoint %tx (", BP_NUM(bp));
683 			xmon_print_symbol(regs->nip, " ", ")\n");
684 		}
685 		if (regs_is_unrecoverable(regs))
686 			printf("WARNING: exception is not recoverable, "
687 			       "can't continue\n");
688 		remove_bpts();
689 		disable_surveillance();
690 		if (!locked_down) {
691 			/* for breakpoint or single step, print current insn */
692 			if (bp || TRAP(regs) == INTERRUPT_TRACE)
693 				ppc_inst_dump(regs->nip, 1, 0);
694 			printf("enter ? for help\n");
695 		}
696 	}
697 
698 	if (!locked_down)
699 		cmd = cmds(regs);
700 
701 	insert_bpts();
702 	in_xmon = 0;
703 #endif
704 
705 #ifdef CONFIG_BOOKE
706 	if (regs->msr & MSR_DE) {
707 		bp = at_breakpoint(regs->nip);
708 		if (bp != NULL) {
709 			regs_set_return_ip(regs, (unsigned long) &bp->instr[0]);
710 			atomic_inc(&bp->ref_count);
711 		}
712 	}
713 #else
714 	if ((regs->msr & (MSR_IR|MSR_PR|MSR_64BIT)) == (MSR_IR|MSR_64BIT)) {
715 		bp = at_breakpoint(regs->nip);
716 		if (bp != NULL) {
717 			int stepped = emulate_step(regs, ppc_inst_read(bp->instr));
718 			if (stepped == 0) {
719 				regs_set_return_ip(regs, (unsigned long) &bp->instr[0]);
720 				atomic_inc(&bp->ref_count);
721 			} else if (stepped < 0) {
722 				printf("Couldn't single-step %s instruction\n",
723 				    IS_RFID(ppc_inst_read(bp->instr))? "rfid": "mtmsrd");
724 			}
725 		}
726 	}
727 #endif
728 	if (locked_down)
729 		clear_all_bpt();
730 	else
731 		insert_cpu_bpts();
732 
733 	xmon_touch_watchdogs();
734 	local_irq_restore(flags);
735 
736 	return cmd != 'X' && cmd != EOF;
737 }
738 
739 int xmon(struct pt_regs *excp)
740 {
741 	struct pt_regs regs;
742 
743 	if (excp == NULL) {
744 		ppc_save_regs(&regs);
745 		excp = &regs;
746 	}
747 
748 	return xmon_core(excp, 0);
749 }
750 EXPORT_SYMBOL(xmon);
751 
752 irqreturn_t xmon_irq(int irq, void *d)
753 {
754 	unsigned long flags;
755 	local_irq_save(flags);
756 	printf("Keyboard interrupt\n");
757 	xmon(get_irq_regs());
758 	local_irq_restore(flags);
759 	return IRQ_HANDLED;
760 }
761 
762 static int xmon_bpt(struct pt_regs *regs)
763 {
764 	struct bpt *bp;
765 	unsigned long offset;
766 
767 	if ((regs->msr & (MSR_IR|MSR_PR|MSR_64BIT)) != (MSR_IR|MSR_64BIT))
768 		return 0;
769 
770 	/* Are we at the trap at bp->instr[1] for some bp? */
771 	bp = in_breakpoint_table(regs->nip, &offset);
772 	if (bp != NULL && (offset == 4 || offset == 8)) {
773 		regs_set_return_ip(regs, bp->address + offset);
774 		atomic_dec(&bp->ref_count);
775 		return 1;
776 	}
777 
778 	/* Are we at a breakpoint? */
779 	bp = at_breakpoint(regs->nip);
780 	if (!bp)
781 		return 0;
782 
783 	xmon_core(regs, 0);
784 
785 	return 1;
786 }
787 
788 static int xmon_sstep(struct pt_regs *regs)
789 {
790 	if (user_mode(regs))
791 		return 0;
792 	xmon_core(regs, 0);
793 	return 1;
794 }
795 
796 static int xmon_break_match(struct pt_regs *regs)
797 {
798 	int i;
799 
800 	if ((regs->msr & (MSR_IR|MSR_PR|MSR_64BIT)) != (MSR_IR|MSR_64BIT))
801 		return 0;
802 	for (i = 0; i < nr_wp_slots(); i++) {
803 		if (dabr[i].enabled)
804 			goto found;
805 	}
806 	return 0;
807 
808 found:
809 	xmon_core(regs, 0);
810 	return 1;
811 }
812 
813 static int xmon_iabr_match(struct pt_regs *regs)
814 {
815 	if ((regs->msr & (MSR_IR|MSR_PR|MSR_64BIT)) != (MSR_IR|MSR_64BIT))
816 		return 0;
817 	if (iabr == NULL)
818 		return 0;
819 	xmon_core(regs, 0);
820 	return 1;
821 }
822 
823 static int xmon_ipi(struct pt_regs *regs)
824 {
825 #ifdef CONFIG_SMP
826 	if (in_xmon && !cpumask_test_cpu(smp_processor_id(), &cpus_in_xmon))
827 		xmon_core(regs, 1);
828 #endif
829 	return 0;
830 }
831 
832 static int xmon_fault_handler(struct pt_regs *regs)
833 {
834 	struct bpt *bp;
835 	unsigned long offset;
836 
837 	if (in_xmon && catch_memory_errors)
838 		handle_fault(regs);	/* doesn't return */
839 
840 	if ((regs->msr & (MSR_IR|MSR_PR|MSR_64BIT)) == (MSR_IR|MSR_64BIT)) {
841 		bp = in_breakpoint_table(regs->nip, &offset);
842 		if (bp != NULL) {
843 			regs_set_return_ip(regs, bp->address + offset);
844 			atomic_dec(&bp->ref_count);
845 		}
846 	}
847 
848 	return 0;
849 }
850 
851 /* Force enable xmon if not already enabled */
852 static inline void force_enable_xmon(void)
853 {
854 	/* Enable xmon hooks if needed */
855 	if (!xmon_on) {
856 		printf("xmon: Enabling debugger hooks\n");
857 		xmon_on = 1;
858 	}
859 }
860 
861 static struct bpt *at_breakpoint(unsigned long pc)
862 {
863 	int i;
864 	struct bpt *volatile bp;
865 
866 	bp = bpts;
867 	for (i = 0; i < NBPTS; ++i, ++bp)
868 		if (bp->enabled && pc == bp->address)
869 			return bp;
870 	return NULL;
871 }
872 
873 static struct bpt *in_breakpoint_table(unsigned long nip, unsigned long *offp)
874 {
875 	unsigned long off;
876 
877 	off = nip - (unsigned long)bpt_table;
878 	if (off >= sizeof(bpt_table))
879 		return NULL;
880 	*offp = off & (BPT_SIZE - 1);
881 	if (off & 3)
882 		return NULL;
883 	return bpts + (off / BPT_SIZE);
884 }
885 
886 static struct bpt *new_breakpoint(unsigned long a)
887 {
888 	struct bpt *bp;
889 
890 	a &= ~3UL;
891 	bp = at_breakpoint(a);
892 	if (bp)
893 		return bp;
894 
895 	for (bp = bpts; bp < &bpts[NBPTS]; ++bp) {
896 		if (!bp->enabled && atomic_read(&bp->ref_count) == 0) {
897 			bp->address = a;
898 			bp->instr = (void *)(bpt_table + ((bp - bpts) * BPT_WORDS));
899 			return bp;
900 		}
901 	}
902 
903 	printf("Sorry, no free breakpoints.  Please clear one first.\n");
904 	return NULL;
905 }
906 
907 static void insert_bpts(void)
908 {
909 	int i;
910 	ppc_inst_t instr, instr2;
911 	struct bpt *bp, *bp2;
912 
913 	bp = bpts;
914 	for (i = 0; i < NBPTS; ++i, ++bp) {
915 		if ((bp->enabled & (BP_TRAP|BP_CIABR)) == 0)
916 			continue;
917 		if (!mread_instr(bp->address, &instr)) {
918 			printf("Couldn't read instruction at %lx, "
919 			       "disabling breakpoint there\n", bp->address);
920 			bp->enabled = 0;
921 			continue;
922 		}
923 		if (!can_single_step(ppc_inst_val(instr))) {
924 			printf("Breakpoint at %lx is on an instruction that can't be single stepped, disabling it\n",
925 					bp->address);
926 			bp->enabled = 0;
927 			continue;
928 		}
929 		/*
930 		 * Check the address is not a suffix by looking for a prefix in
931 		 * front of it.
932 		 */
933 		if (mread_instr(bp->address - 4, &instr2) == 8) {
934 			printf("Breakpoint at %lx is on the second word of a prefixed instruction, disabling it\n",
935 			       bp->address);
936 			bp->enabled = 0;
937 			continue;
938 		}
939 		/*
940 		 * We might still be a suffix - if the prefix has already been
941 		 * replaced by a breakpoint we won't catch it with the above
942 		 * test.
943 		 */
944 		bp2 = at_breakpoint(bp->address - 4);
945 		if (bp2 && ppc_inst_prefixed(ppc_inst_read(bp2->instr))) {
946 			printf("Breakpoint at %lx is on the second word of a prefixed instruction, disabling it\n",
947 			       bp->address);
948 			bp->enabled = 0;
949 			continue;
950 		}
951 
952 		patch_instruction(bp->instr, instr);
953 		patch_instruction(ppc_inst_next(bp->instr, bp->instr),
954 				  ppc_inst(bpinstr));
955 		if (bp->enabled & BP_CIABR)
956 			continue;
957 		if (patch_instruction((u32 *)bp->address,
958 				      ppc_inst(bpinstr)) != 0) {
959 			printf("Couldn't write instruction at %lx, "
960 			       "disabling breakpoint there\n", bp->address);
961 			bp->enabled &= ~BP_TRAP;
962 			continue;
963 		}
964 	}
965 }
966 
967 static void insert_cpu_bpts(void)
968 {
969 	int i;
970 	struct arch_hw_breakpoint brk;
971 
972 	for (i = 0; i < nr_wp_slots(); i++) {
973 		if (dabr[i].enabled) {
974 			brk.address = dabr[i].address;
975 			brk.type = (dabr[i].enabled & HW_BRK_TYPE_DABR) | HW_BRK_TYPE_PRIV_ALL;
976 			brk.len = 8;
977 			brk.hw_len = 8;
978 			__set_breakpoint(i, &brk);
979 		}
980 	}
981 
982 	if (iabr)
983 		set_ciabr(iabr->address);
984 }
985 
986 static void remove_bpts(void)
987 {
988 	int i;
989 	struct bpt *bp;
990 	ppc_inst_t instr;
991 
992 	bp = bpts;
993 	for (i = 0; i < NBPTS; ++i, ++bp) {
994 		if ((bp->enabled & (BP_TRAP|BP_CIABR)) != BP_TRAP)
995 			continue;
996 		if (mread_instr(bp->address, &instr)
997 		    && ppc_inst_equal(instr, ppc_inst(bpinstr))
998 		    && patch_instruction(
999 			(u32 *)bp->address, ppc_inst_read(bp->instr)) != 0)
1000 			printf("Couldn't remove breakpoint at %lx\n",
1001 			       bp->address);
1002 	}
1003 }
1004 
1005 static void remove_cpu_bpts(void)
1006 {
1007 	hw_breakpoint_disable();
1008 	write_ciabr(0);
1009 }
1010 
1011 /* Based on uptime_proc_show(). */
1012 static void
1013 show_uptime(void)
1014 {
1015 	struct timespec64 uptime;
1016 
1017 	if (setjmp(bus_error_jmp) == 0) {
1018 		catch_memory_errors = 1;
1019 		sync();
1020 
1021 		ktime_get_coarse_boottime_ts64(&uptime);
1022 		printf("Uptime: %lu.%.2lu seconds\n", (unsigned long)uptime.tv_sec,
1023 			((unsigned long)uptime.tv_nsec / (NSEC_PER_SEC/100)));
1024 
1025 		sync();
1026 		__delay(200);						\
1027 	}
1028 	catch_memory_errors = 0;
1029 }
1030 
1031 static void set_lpp_cmd(void)
1032 {
1033 	unsigned long lpp;
1034 
1035 	if (!scanhex(&lpp)) {
1036 		printf("Invalid number.\n");
1037 		lpp = 0;
1038 	}
1039 	xmon_set_pagination_lpp(lpp);
1040 }
1041 /* Command interpreting routine */
1042 static char *last_cmd;
1043 
1044 static int
1045 cmds(struct pt_regs *excp)
1046 {
1047 	int cmd = 0;
1048 
1049 	last_cmd = NULL;
1050 	xmon_regs = excp;
1051 
1052 	xmon_show_stack(excp->gpr[1], excp->link, excp->nip);
1053 
1054 	for(;;) {
1055 #ifdef CONFIG_SMP
1056 		printf("%x:", smp_processor_id());
1057 #endif /* CONFIG_SMP */
1058 		printf("mon> ");
1059 		flush_input();
1060 		termch = 0;
1061 		cmd = skipbl();
1062 		if( cmd == '\n' ) {
1063 			if (last_cmd == NULL)
1064 				continue;
1065 			take_input(last_cmd);
1066 			last_cmd = NULL;
1067 			cmd = inchar();
1068 		}
1069 		switch (cmd) {
1070 		case 'm':
1071 			cmd = inchar();
1072 			switch (cmd) {
1073 			case 'm':
1074 			case 's':
1075 			case 'd':
1076 				memops(cmd);
1077 				break;
1078 			case 'l':
1079 				memlocate();
1080 				break;
1081 			case 'z':
1082 				if (xmon_is_ro) {
1083 					printf(xmon_ro_msg);
1084 					break;
1085 				}
1086 				memzcan();
1087 				break;
1088 			case 'i':
1089 				show_mem(0, NULL);
1090 				break;
1091 			default:
1092 				termch = cmd;
1093 				memex();
1094 			}
1095 			break;
1096 		case 'd':
1097 			dump();
1098 			break;
1099 		case 'l':
1100 			symbol_lookup();
1101 			break;
1102 		case 'r':
1103 			prregs(excp);	/* print regs */
1104 			break;
1105 		case 'e':
1106 			excprint(excp);
1107 			break;
1108 		case 'S':
1109 			super_regs();
1110 			break;
1111 		case 't':
1112 			backtrace(excp);
1113 			break;
1114 		case 'f':
1115 			cacheflush();
1116 			break;
1117 		case 's':
1118 			if (do_spu_cmd() == 0)
1119 				break;
1120 			if (do_step(excp))
1121 				return cmd;
1122 			break;
1123 		case 'x':
1124 		case 'X':
1125 			if (tracing_enabled)
1126 				tracing_on();
1127 			return cmd;
1128 		case EOF:
1129 			printf(" <no input ...>\n");
1130 			mdelay(2000);
1131 			return cmd;
1132 		case '?':
1133 			xmon_puts(help_string);
1134 			break;
1135 		case '#':
1136 			set_lpp_cmd();
1137 			break;
1138 		case 'b':
1139 			bpt_cmds();
1140 			break;
1141 		case 'C':
1142 			csum();
1143 			break;
1144 		case 'c':
1145 			if (cpu_cmd())
1146 				return 0;
1147 			break;
1148 		case 'z':
1149 			bootcmds();
1150 			break;
1151 		case 'p':
1152 			if (xmon_is_ro) {
1153 				printf(xmon_ro_msg);
1154 				break;
1155 			}
1156 			proccall();
1157 			break;
1158 		case 'P':
1159 			show_tasks();
1160 			break;
1161 #if defined(CONFIG_PPC_BOOK3S_32) || defined(CONFIG_PPC_64S_HASH_MMU)
1162 		case 'u':
1163 			dump_segments();
1164 			break;
1165 #elif defined(CONFIG_44x)
1166 		case 'u':
1167 			dump_tlb_44x();
1168 			break;
1169 #elif defined(CONFIG_PPC_BOOK3E_64)
1170 		case 'u':
1171 			dump_tlb_book3e();
1172 			break;
1173 #endif
1174 		case 'U':
1175 			show_uptime();
1176 			break;
1177 		default:
1178 			printf("Unrecognized command: ");
1179 			do {
1180 				if (' ' < cmd && cmd <= '~')
1181 					putchar(cmd);
1182 				else
1183 					printf("\\x%x", cmd);
1184 				cmd = inchar();
1185 			} while (cmd != '\n');
1186 			printf(" (type ? for help)\n");
1187 			break;
1188 		}
1189 	}
1190 }
1191 
1192 #ifdef CONFIG_BOOKE
1193 static int do_step(struct pt_regs *regs)
1194 {
1195 	regs_set_return_msr(regs, regs->msr | MSR_DE);
1196 	mtspr(SPRN_DBCR0, mfspr(SPRN_DBCR0) | DBCR0_IC | DBCR0_IDM);
1197 	return 1;
1198 }
1199 #else
1200 /*
1201  * Step a single instruction.
1202  * Some instructions we emulate, others we execute with MSR_SE set.
1203  */
1204 static int do_step(struct pt_regs *regs)
1205 {
1206 	ppc_inst_t instr;
1207 	int stepped;
1208 
1209 	force_enable_xmon();
1210 	/* check we are in 64-bit kernel mode, translation enabled */
1211 	if ((regs->msr & (MSR_64BIT|MSR_PR|MSR_IR)) == (MSR_64BIT|MSR_IR)) {
1212 		if (mread_instr(regs->nip, &instr)) {
1213 			stepped = emulate_step(regs, instr);
1214 			if (stepped < 0) {
1215 				printf("Couldn't single-step %s instruction\n",
1216 				       (IS_RFID(instr)? "rfid": "mtmsrd"));
1217 				return 0;
1218 			}
1219 			if (stepped > 0) {
1220 				set_trap(regs, 0xd00);
1221 				printf("stepped to ");
1222 				xmon_print_symbol(regs->nip, " ", "\n");
1223 				ppc_inst_dump(regs->nip, 1, 0);
1224 				return 0;
1225 			}
1226 		}
1227 	}
1228 	regs_set_return_msr(regs, regs->msr | MSR_SE);
1229 	return 1;
1230 }
1231 #endif
1232 
1233 static void bootcmds(void)
1234 {
1235 	char tmp[64];
1236 	int cmd;
1237 
1238 	cmd = inchar();
1239 	if (cmd == 'r') {
1240 		getstring(tmp, 64);
1241 		ppc_md.restart(tmp);
1242 	} else if (cmd == 'h') {
1243 		ppc_md.halt();
1244 	} else if (cmd == 'p') {
1245 		do_kernel_power_off();
1246 	}
1247 }
1248 
1249 #ifdef CONFIG_SMP
1250 static int xmon_switch_cpu(unsigned long cpu)
1251 {
1252 	int timeout;
1253 
1254 	xmon_taken = 0;
1255 	mb();
1256 	xmon_owner = cpu;
1257 	timeout = 10000000;
1258 	while (!xmon_taken) {
1259 		if (--timeout == 0) {
1260 			if (test_and_set_bit(0, &xmon_taken))
1261 				break;
1262 			/* take control back */
1263 			mb();
1264 			xmon_owner = smp_processor_id();
1265 			printf("cpu 0x%lx didn't take control\n", cpu);
1266 			return 0;
1267 		}
1268 		barrier();
1269 	}
1270 	return 1;
1271 }
1272 
1273 static int xmon_batch_next_cpu(void)
1274 {
1275 	unsigned long cpu;
1276 
1277 	while (!cpumask_empty(&xmon_batch_cpus)) {
1278 		cpu = cpumask_next_wrap(smp_processor_id(), &xmon_batch_cpus,
1279 					xmon_batch_start_cpu, true);
1280 		if (cpu == nr_cpumask_bits)
1281 			break;
1282 		if (xmon_batch_start_cpu == -1)
1283 			xmon_batch_start_cpu = cpu;
1284 		if (xmon_switch_cpu(cpu))
1285 			return 0;
1286 		cpumask_clear_cpu(cpu, &xmon_batch_cpus);
1287 	}
1288 
1289 	xmon_batch = 0;
1290 	printf("%x:mon> \n", smp_processor_id());
1291 	return 1;
1292 }
1293 
1294 static int batch_cmds(struct pt_regs *excp)
1295 {
1296 	int cmd;
1297 
1298 	/* simulate command entry */
1299 	cmd = xmon_batch;
1300 	termch = '\n';
1301 
1302 	last_cmd = NULL;
1303 	xmon_regs = excp;
1304 
1305 	printf("%x:", smp_processor_id());
1306 	printf("mon> ");
1307 	printf("%c\n", (char)cmd);
1308 
1309 	switch (cmd) {
1310 	case 'r':
1311 		prregs(excp);	/* print regs */
1312 		break;
1313 	case 'S':
1314 		super_regs();
1315 		break;
1316 	case 't':
1317 		backtrace(excp);
1318 		break;
1319 	}
1320 
1321 	cpumask_clear_cpu(smp_processor_id(), &xmon_batch_cpus);
1322 
1323 	return xmon_batch_next_cpu();
1324 }
1325 
1326 static int cpu_cmd(void)
1327 {
1328 	unsigned long cpu, first_cpu, last_cpu;
1329 
1330 	cpu = skipbl();
1331 	if (cpu == '#') {
1332 		xmon_batch = skipbl();
1333 		if (xmon_batch) {
1334 			switch (xmon_batch) {
1335 			case 'r':
1336 			case 'S':
1337 			case 't':
1338 				cpumask_copy(&xmon_batch_cpus, &cpus_in_xmon);
1339 				if (cpumask_weight(&xmon_batch_cpus) <= 1) {
1340 					printf("There are no other cpus in xmon\n");
1341 					break;
1342 				}
1343 				xmon_batch_start_cpu = -1;
1344 				if (!xmon_batch_next_cpu())
1345 					return 1;
1346 				break;
1347 			default:
1348 				printf("c# only supports 'r', 'S' and 't' commands\n");
1349 			}
1350 			xmon_batch = 0;
1351 			return 0;
1352 		}
1353 	}
1354 	termch = cpu;
1355 
1356 	if (!scanhex(&cpu)) {
1357 		/* print cpus waiting or in xmon */
1358 		printf("cpus stopped:");
1359 		last_cpu = first_cpu = NR_CPUS;
1360 		for_each_possible_cpu(cpu) {
1361 			if (cpumask_test_cpu(cpu, &cpus_in_xmon)) {
1362 				if (cpu == last_cpu + 1) {
1363 					last_cpu = cpu;
1364 				} else {
1365 					if (last_cpu != first_cpu)
1366 						printf("-0x%lx", last_cpu);
1367 					last_cpu = first_cpu = cpu;
1368 					printf(" 0x%lx", cpu);
1369 				}
1370 			}
1371 		}
1372 		if (last_cpu != first_cpu)
1373 			printf("-0x%lx", last_cpu);
1374 		printf("\n");
1375 		return 0;
1376 	}
1377 	/* try to switch to cpu specified */
1378 	if (!cpumask_test_cpu(cpu, &cpus_in_xmon)) {
1379 		printf("cpu 0x%lx isn't in xmon\n", cpu);
1380 #ifdef CONFIG_PPC64
1381 		printf("backtrace of paca[0x%lx].saved_r1 (possibly stale):\n", cpu);
1382 		xmon_show_stack(paca_ptrs[cpu]->saved_r1, 0, 0);
1383 #endif
1384 		return 0;
1385 	}
1386 
1387 	return xmon_switch_cpu(cpu);
1388 }
1389 #else
1390 static int cpu_cmd(void)
1391 {
1392 	return 0;
1393 }
1394 #endif /* CONFIG_SMP */
1395 
1396 static unsigned short fcstab[256] = {
1397 	0x0000, 0x1189, 0x2312, 0x329b, 0x4624, 0x57ad, 0x6536, 0x74bf,
1398 	0x8c48, 0x9dc1, 0xaf5a, 0xbed3, 0xca6c, 0xdbe5, 0xe97e, 0xf8f7,
1399 	0x1081, 0x0108, 0x3393, 0x221a, 0x56a5, 0x472c, 0x75b7, 0x643e,
1400 	0x9cc9, 0x8d40, 0xbfdb, 0xae52, 0xdaed, 0xcb64, 0xf9ff, 0xe876,
1401 	0x2102, 0x308b, 0x0210, 0x1399, 0x6726, 0x76af, 0x4434, 0x55bd,
1402 	0xad4a, 0xbcc3, 0x8e58, 0x9fd1, 0xeb6e, 0xfae7, 0xc87c, 0xd9f5,
1403 	0x3183, 0x200a, 0x1291, 0x0318, 0x77a7, 0x662e, 0x54b5, 0x453c,
1404 	0xbdcb, 0xac42, 0x9ed9, 0x8f50, 0xfbef, 0xea66, 0xd8fd, 0xc974,
1405 	0x4204, 0x538d, 0x6116, 0x709f, 0x0420, 0x15a9, 0x2732, 0x36bb,
1406 	0xce4c, 0xdfc5, 0xed5e, 0xfcd7, 0x8868, 0x99e1, 0xab7a, 0xbaf3,
1407 	0x5285, 0x430c, 0x7197, 0x601e, 0x14a1, 0x0528, 0x37b3, 0x263a,
1408 	0xdecd, 0xcf44, 0xfddf, 0xec56, 0x98e9, 0x8960, 0xbbfb, 0xaa72,
1409 	0x6306, 0x728f, 0x4014, 0x519d, 0x2522, 0x34ab, 0x0630, 0x17b9,
1410 	0xef4e, 0xfec7, 0xcc5c, 0xddd5, 0xa96a, 0xb8e3, 0x8a78, 0x9bf1,
1411 	0x7387, 0x620e, 0x5095, 0x411c, 0x35a3, 0x242a, 0x16b1, 0x0738,
1412 	0xffcf, 0xee46, 0xdcdd, 0xcd54, 0xb9eb, 0xa862, 0x9af9, 0x8b70,
1413 	0x8408, 0x9581, 0xa71a, 0xb693, 0xc22c, 0xd3a5, 0xe13e, 0xf0b7,
1414 	0x0840, 0x19c9, 0x2b52, 0x3adb, 0x4e64, 0x5fed, 0x6d76, 0x7cff,
1415 	0x9489, 0x8500, 0xb79b, 0xa612, 0xd2ad, 0xc324, 0xf1bf, 0xe036,
1416 	0x18c1, 0x0948, 0x3bd3, 0x2a5a, 0x5ee5, 0x4f6c, 0x7df7, 0x6c7e,
1417 	0xa50a, 0xb483, 0x8618, 0x9791, 0xe32e, 0xf2a7, 0xc03c, 0xd1b5,
1418 	0x2942, 0x38cb, 0x0a50, 0x1bd9, 0x6f66, 0x7eef, 0x4c74, 0x5dfd,
1419 	0xb58b, 0xa402, 0x9699, 0x8710, 0xf3af, 0xe226, 0xd0bd, 0xc134,
1420 	0x39c3, 0x284a, 0x1ad1, 0x0b58, 0x7fe7, 0x6e6e, 0x5cf5, 0x4d7c,
1421 	0xc60c, 0xd785, 0xe51e, 0xf497, 0x8028, 0x91a1, 0xa33a, 0xb2b3,
1422 	0x4a44, 0x5bcd, 0x6956, 0x78df, 0x0c60, 0x1de9, 0x2f72, 0x3efb,
1423 	0xd68d, 0xc704, 0xf59f, 0xe416, 0x90a9, 0x8120, 0xb3bb, 0xa232,
1424 	0x5ac5, 0x4b4c, 0x79d7, 0x685e, 0x1ce1, 0x0d68, 0x3ff3, 0x2e7a,
1425 	0xe70e, 0xf687, 0xc41c, 0xd595, 0xa12a, 0xb0a3, 0x8238, 0x93b1,
1426 	0x6b46, 0x7acf, 0x4854, 0x59dd, 0x2d62, 0x3ceb, 0x0e70, 0x1ff9,
1427 	0xf78f, 0xe606, 0xd49d, 0xc514, 0xb1ab, 0xa022, 0x92b9, 0x8330,
1428 	0x7bc7, 0x6a4e, 0x58d5, 0x495c, 0x3de3, 0x2c6a, 0x1ef1, 0x0f78
1429 };
1430 
1431 #define FCS(fcs, c)	(((fcs) >> 8) ^ fcstab[((fcs) ^ (c)) & 0xff])
1432 
1433 static void
1434 csum(void)
1435 {
1436 	unsigned int i;
1437 	unsigned short fcs;
1438 	unsigned char v;
1439 
1440 	if (!scanhex(&adrs))
1441 		return;
1442 	if (!scanhex(&ncsum))
1443 		return;
1444 	fcs = 0xffff;
1445 	for (i = 0; i < ncsum; ++i) {
1446 		if (mread(adrs+i, &v, 1) == 0) {
1447 			printf("csum stopped at "REG"\n", adrs+i);
1448 			break;
1449 		}
1450 		fcs = FCS(fcs, v);
1451 	}
1452 	printf("%x\n", fcs);
1453 }
1454 
1455 /*
1456  * Check if this is a suitable place to put a breakpoint.
1457  */
1458 static long check_bp_loc(unsigned long addr)
1459 {
1460 	ppc_inst_t instr;
1461 
1462 	addr &= ~3;
1463 	if (!is_kernel_addr(addr)) {
1464 		printf("Breakpoints may only be placed at kernel addresses\n");
1465 		return 0;
1466 	}
1467 	if (!mread_instr(addr, &instr)) {
1468 		printf("Can't read instruction at address %lx\n", addr);
1469 		return 0;
1470 	}
1471 	if (!can_single_step(ppc_inst_val(instr))) {
1472 		printf("Breakpoints may not be placed on instructions that can't be single stepped\n");
1473 		return 0;
1474 	}
1475 	return 1;
1476 }
1477 
1478 static int find_free_data_bpt(void)
1479 {
1480 	int i;
1481 
1482 	for (i = 0; i < nr_wp_slots(); i++) {
1483 		if (!dabr[i].enabled)
1484 			return i;
1485 	}
1486 	printf("Couldn't find free breakpoint register\n");
1487 	return -1;
1488 }
1489 
1490 static void print_data_bpts(void)
1491 {
1492 	int i;
1493 
1494 	for (i = 0; i < nr_wp_slots(); i++) {
1495 		if (!dabr[i].enabled)
1496 			continue;
1497 
1498 		printf("   data   "REG"  [", dabr[i].address);
1499 		if (dabr[i].enabled & 1)
1500 			printf("r");
1501 		if (dabr[i].enabled & 2)
1502 			printf("w");
1503 		printf("]\n");
1504 	}
1505 }
1506 
1507 static char *breakpoint_help_string =
1508     "Breakpoint command usage:\n"
1509     "b                show breakpoints\n"
1510     "b <addr> [cnt]   set breakpoint at given instr addr\n"
1511     "bc               clear all breakpoints\n"
1512     "bc <n/addr>      clear breakpoint number n or at addr\n"
1513     "bi <addr> [cnt]  set hardware instr breakpoint (POWER8 only)\n"
1514     "bd <addr> [cnt]  set hardware data breakpoint\n"
1515     "";
1516 
1517 static void
1518 bpt_cmds(void)
1519 {
1520 	int cmd;
1521 	unsigned long a;
1522 	int i;
1523 	struct bpt *bp;
1524 
1525 	cmd = inchar();
1526 
1527 	switch (cmd) {
1528 	case 'd': {	/* bd - hardware data breakpoint */
1529 		static const char badaddr[] = "Only kernel addresses are permitted for breakpoints\n";
1530 		int mode;
1531 		if (xmon_is_ro) {
1532 			printf(xmon_ro_msg);
1533 			break;
1534 		}
1535 		if (!ppc_breakpoint_available()) {
1536 			printf("Hardware data breakpoint not supported on this cpu\n");
1537 			break;
1538 		}
1539 		i = find_free_data_bpt();
1540 		if (i < 0)
1541 			break;
1542 		mode = 7;
1543 		cmd = inchar();
1544 		if (cmd == 'r')
1545 			mode = 5;
1546 		else if (cmd == 'w')
1547 			mode = 6;
1548 		else
1549 			termch = cmd;
1550 		dabr[i].address = 0;
1551 		dabr[i].enabled = 0;
1552 		if (scanhex(&dabr[i].address)) {
1553 			if (!is_kernel_addr(dabr[i].address)) {
1554 				printf(badaddr);
1555 				break;
1556 			}
1557 			dabr[i].address &= ~HW_BRK_TYPE_DABR;
1558 			dabr[i].enabled = mode | BP_DABR;
1559 		}
1560 
1561 		force_enable_xmon();
1562 		break;
1563 	}
1564 
1565 	case 'i':	/* bi - hardware instr breakpoint */
1566 		if (xmon_is_ro) {
1567 			printf(xmon_ro_msg);
1568 			break;
1569 		}
1570 		if (!cpu_has_feature(CPU_FTR_ARCH_207S)) {
1571 			printf("Hardware instruction breakpoint "
1572 			       "not supported on this cpu\n");
1573 			break;
1574 		}
1575 		if (iabr) {
1576 			iabr->enabled &= ~BP_CIABR;
1577 			iabr = NULL;
1578 		}
1579 		if (!scanhex(&a))
1580 			break;
1581 		if (!check_bp_loc(a))
1582 			break;
1583 		bp = new_breakpoint(a);
1584 		if (bp != NULL) {
1585 			bp->enabled |= BP_CIABR;
1586 			iabr = bp;
1587 			force_enable_xmon();
1588 		}
1589 		break;
1590 
1591 	case 'c':
1592 		if (!scanhex(&a)) {
1593 			/* clear all breakpoints */
1594 			for (i = 0; i < NBPTS; ++i)
1595 				bpts[i].enabled = 0;
1596 			iabr = NULL;
1597 			for (i = 0; i < nr_wp_slots(); i++)
1598 				dabr[i].enabled = 0;
1599 
1600 			printf("All breakpoints cleared\n");
1601 			break;
1602 		}
1603 
1604 		if (a <= NBPTS && a >= 1) {
1605 			/* assume a breakpoint number */
1606 			bp = &bpts[a-1];	/* bp nums are 1 based */
1607 		} else {
1608 			/* assume a breakpoint address */
1609 			bp = at_breakpoint(a);
1610 			if (bp == NULL) {
1611 				printf("No breakpoint at %lx\n", a);
1612 				break;
1613 			}
1614 		}
1615 
1616 		printf("Cleared breakpoint %tx (", BP_NUM(bp));
1617 		xmon_print_symbol(bp->address, " ", ")\n");
1618 		bp->enabled = 0;
1619 		break;
1620 
1621 	default:
1622 		termch = cmd;
1623 		cmd = skipbl();
1624 		if (cmd == '?') {
1625 			printf(breakpoint_help_string);
1626 			break;
1627 		}
1628 		termch = cmd;
1629 
1630 		if (xmon_is_ro || !scanhex(&a)) {
1631 			/* print all breakpoints */
1632 			printf("   type            address\n");
1633 			print_data_bpts();
1634 			for (bp = bpts; bp < &bpts[NBPTS]; ++bp) {
1635 				if (!bp->enabled)
1636 					continue;
1637 				printf("%tx %s   ", BP_NUM(bp),
1638 				    (bp->enabled & BP_CIABR) ? "inst": "trap");
1639 				xmon_print_symbol(bp->address, "  ", "\n");
1640 			}
1641 			break;
1642 		}
1643 
1644 		if (!check_bp_loc(a))
1645 			break;
1646 		bp = new_breakpoint(a);
1647 		if (bp != NULL) {
1648 			bp->enabled |= BP_TRAP;
1649 			force_enable_xmon();
1650 		}
1651 		break;
1652 	}
1653 }
1654 
1655 /* Very cheap human name for vector lookup. */
1656 static
1657 const char *getvecname(unsigned long vec)
1658 {
1659 	char *ret;
1660 
1661 	switch (vec) {
1662 	case 0x100:	ret = "(System Reset)"; break;
1663 	case 0x200:	ret = "(Machine Check)"; break;
1664 	case 0x300:	ret = "(Data Access)"; break;
1665 	case 0x380:
1666 		if (radix_enabled())
1667 			ret = "(Data Access Out of Range)";
1668 		else
1669 			ret = "(Data SLB Access)";
1670 		break;
1671 	case 0x400:	ret = "(Instruction Access)"; break;
1672 	case 0x480:
1673 		if (radix_enabled())
1674 			ret = "(Instruction Access Out of Range)";
1675 		else
1676 			ret = "(Instruction SLB Access)";
1677 		break;
1678 	case 0x500:	ret = "(Hardware Interrupt)"; break;
1679 	case 0x600:	ret = "(Alignment)"; break;
1680 	case 0x700:	ret = "(Program Check)"; break;
1681 	case 0x800:	ret = "(FPU Unavailable)"; break;
1682 	case 0x900:	ret = "(Decrementer)"; break;
1683 	case 0x980:	ret = "(Hypervisor Decrementer)"; break;
1684 	case 0xa00:	ret = "(Doorbell)"; break;
1685 	case 0xc00:	ret = "(System Call)"; break;
1686 	case 0xd00:	ret = "(Single Step)"; break;
1687 	case 0xe40:	ret = "(Emulation Assist)"; break;
1688 	case 0xe60:	ret = "(HMI)"; break;
1689 	case 0xe80:	ret = "(Hypervisor Doorbell)"; break;
1690 	case 0xf00:	ret = "(Performance Monitor)"; break;
1691 	case 0xf20:	ret = "(Altivec Unavailable)"; break;
1692 	case 0x1300:	ret = "(Instruction Breakpoint)"; break;
1693 	case 0x1500:	ret = "(Denormalisation)"; break;
1694 	case 0x1700:	ret = "(Altivec Assist)"; break;
1695 	case 0x3000:	ret = "(System Call Vectored)"; break;
1696 	default: ret = "";
1697 	}
1698 	return ret;
1699 }
1700 
1701 static void get_function_bounds(unsigned long pc, unsigned long *startp,
1702 				unsigned long *endp)
1703 {
1704 	unsigned long size, offset;
1705 	const char *name;
1706 
1707 	*startp = *endp = 0;
1708 	if (pc == 0)
1709 		return;
1710 	if (setjmp(bus_error_jmp) == 0) {
1711 		catch_memory_errors = 1;
1712 		sync();
1713 		name = kallsyms_lookup(pc, &size, &offset, NULL, tmpstr);
1714 		if (name != NULL) {
1715 			*startp = pc - offset;
1716 			*endp = pc - offset + size;
1717 		}
1718 		sync();
1719 	}
1720 	catch_memory_errors = 0;
1721 }
1722 
1723 #define LRSAVE_OFFSET		(STACK_FRAME_LR_SAVE * sizeof(unsigned long))
1724 
1725 static void xmon_show_stack(unsigned long sp, unsigned long lr,
1726 			    unsigned long pc)
1727 {
1728 	int max_to_print = 64;
1729 	unsigned long ip;
1730 	unsigned long newsp;
1731 	unsigned long marker;
1732 	struct pt_regs regs;
1733 
1734 	while (max_to_print--) {
1735 		if (!is_kernel_addr(sp)) {
1736 			if (sp != 0)
1737 				printf("SP (%lx) is in userspace\n", sp);
1738 			break;
1739 		}
1740 
1741 		if (!mread(sp + LRSAVE_OFFSET, &ip, sizeof(unsigned long))
1742 		    || !mread(sp, &newsp, sizeof(unsigned long))) {
1743 			printf("Couldn't read stack frame at %lx\n", sp);
1744 			break;
1745 		}
1746 
1747 		/*
1748 		 * For the first stack frame, try to work out if
1749 		 * LR and/or the saved LR value in the bottommost
1750 		 * stack frame are valid.
1751 		 */
1752 		if ((pc | lr) != 0) {
1753 			unsigned long fnstart, fnend;
1754 			unsigned long nextip;
1755 			int printip = 1;
1756 
1757 			get_function_bounds(pc, &fnstart, &fnend);
1758 			nextip = 0;
1759 			if (newsp > sp)
1760 				mread(newsp + LRSAVE_OFFSET, &nextip,
1761 				      sizeof(unsigned long));
1762 			if (lr == ip) {
1763 				if (!is_kernel_addr(lr)
1764 				    || (fnstart <= lr && lr < fnend))
1765 					printip = 0;
1766 			} else if (lr == nextip) {
1767 				printip = 0;
1768 			} else if (is_kernel_addr(lr)
1769 				   && !(fnstart <= lr && lr < fnend)) {
1770 				printf("[link register   ] ");
1771 				xmon_print_symbol(lr, " ", "\n");
1772 			}
1773 			if (printip) {
1774 				printf("["REG"] ", sp);
1775 				xmon_print_symbol(ip, " ", " (unreliable)\n");
1776 			}
1777 			pc = lr = 0;
1778 
1779 		} else {
1780 			printf("["REG"] ", sp);
1781 			xmon_print_symbol(ip, " ", "\n");
1782 		}
1783 
1784 		/* Look for "regs" marker to see if this is
1785 		   an exception frame. */
1786 		if (mread(sp + STACK_INT_FRAME_MARKER, &marker, sizeof(unsigned long))
1787 		    && marker == STACK_FRAME_REGS_MARKER) {
1788 			if (mread(sp + STACK_INT_FRAME_REGS, &regs, sizeof(regs)) != sizeof(regs)) {
1789 				printf("Couldn't read registers at %lx\n",
1790 				       sp + STACK_INT_FRAME_REGS);
1791 				break;
1792 			}
1793 			printf("--- Exception: %lx %s at ", regs.trap,
1794 			       getvecname(TRAP(&regs)));
1795 			pc = regs.nip;
1796 			lr = regs.link;
1797 			xmon_print_symbol(pc, " ", "\n");
1798 		}
1799 
1800 		if (newsp == 0)
1801 			break;
1802 
1803 		sp = newsp;
1804 	}
1805 }
1806 
1807 static void backtrace(struct pt_regs *excp)
1808 {
1809 	unsigned long sp;
1810 
1811 	if (scanhex(&sp))
1812 		xmon_show_stack(sp, 0, 0);
1813 	else
1814 		xmon_show_stack(excp->gpr[1], excp->link, excp->nip);
1815 	scannl();
1816 }
1817 
1818 static void print_bug_trap(struct pt_regs *regs)
1819 {
1820 #ifdef CONFIG_BUG
1821 	const struct bug_entry *bug;
1822 	unsigned long addr;
1823 
1824 	if (regs->msr & MSR_PR)
1825 		return;		/* not in kernel */
1826 	addr = regs->nip;	/* address of trap instruction */
1827 	if (!is_kernel_addr(addr))
1828 		return;
1829 	bug = find_bug(regs->nip);
1830 	if (bug == NULL)
1831 		return;
1832 	if (is_warning_bug(bug))
1833 		return;
1834 
1835 #ifdef CONFIG_DEBUG_BUGVERBOSE
1836 	printf("kernel BUG at %s:%u!\n",
1837 	       (char *)bug + bug->file_disp, bug->line);
1838 #else
1839 	printf("kernel BUG at %px!\n", (void *)bug + bug->bug_addr_disp);
1840 #endif
1841 #endif /* CONFIG_BUG */
1842 }
1843 
1844 static void excprint(struct pt_regs *fp)
1845 {
1846 	unsigned long trap;
1847 
1848 #ifdef CONFIG_SMP
1849 	printf("cpu 0x%x: ", smp_processor_id());
1850 #endif /* CONFIG_SMP */
1851 
1852 	trap = TRAP(fp);
1853 	printf("Vector: %lx %s at [%px]\n", fp->trap, getvecname(trap), fp);
1854 	printf("    pc: ");
1855 	xmon_print_symbol(fp->nip, ": ", "\n");
1856 
1857 	printf("    lr: ");
1858 	xmon_print_symbol(fp->link, ": ", "\n");
1859 
1860 	printf("    sp: %lx\n", fp->gpr[1]);
1861 	printf("   msr: %lx\n", fp->msr);
1862 
1863 	if (trap == INTERRUPT_DATA_STORAGE ||
1864 	    trap == INTERRUPT_DATA_SEGMENT ||
1865 	    trap == INTERRUPT_ALIGNMENT ||
1866 	    trap == INTERRUPT_MACHINE_CHECK) {
1867 		printf("   dar: %lx\n", fp->dar);
1868 		if (trap != INTERRUPT_DATA_SEGMENT)
1869 			printf(" dsisr: %lx\n", fp->dsisr);
1870 	}
1871 
1872 	printf("  current = 0x%px\n", current);
1873 #ifdef CONFIG_PPC64
1874 	printf("  paca    = 0x%px\t irqmask: 0x%02x\t irq_happened: 0x%02x\n",
1875 	       local_paca, local_paca->irq_soft_mask, local_paca->irq_happened);
1876 #endif
1877 	if (current) {
1878 		printf("    pid   = %d, comm = %s\n",
1879 		       current->pid, current->comm);
1880 	}
1881 
1882 	if (trap == INTERRUPT_PROGRAM)
1883 		print_bug_trap(fp);
1884 
1885 	printf(linux_banner);
1886 }
1887 
1888 static void prregs(struct pt_regs *fp)
1889 {
1890 	int n, trap;
1891 	unsigned long base;
1892 	struct pt_regs regs;
1893 
1894 	if (scanhex(&base)) {
1895 		if (setjmp(bus_error_jmp) == 0) {
1896 			catch_memory_errors = 1;
1897 			sync();
1898 			regs = *(struct pt_regs *)base;
1899 			sync();
1900 			__delay(200);
1901 		} else {
1902 			catch_memory_errors = 0;
1903 			printf("*** Error reading registers from "REG"\n",
1904 			       base);
1905 			return;
1906 		}
1907 		catch_memory_errors = 0;
1908 		fp = &regs;
1909 	}
1910 
1911 #ifdef CONFIG_PPC64
1912 #define R_PER_LINE 2
1913 #else
1914 #define R_PER_LINE 4
1915 #endif
1916 
1917 	for (n = 0; n < 32; ++n) {
1918 		printf("R%.2d = "REG"%s", n, fp->gpr[n],
1919 			(n % R_PER_LINE) == R_PER_LINE - 1 ? "\n" : "   ");
1920 	}
1921 
1922 	printf("pc  = ");
1923 	xmon_print_symbol(fp->nip, " ", "\n");
1924 	if (!trap_is_syscall(fp) && cpu_has_feature(CPU_FTR_CFAR)) {
1925 		printf("cfar= ");
1926 		xmon_print_symbol(fp->orig_gpr3, " ", "\n");
1927 	}
1928 	printf("lr  = ");
1929 	xmon_print_symbol(fp->link, " ", "\n");
1930 	printf("msr = "REG"   cr  = %.8lx\n", fp->msr, fp->ccr);
1931 	printf("ctr = "REG"   xer = "REG"   trap = %4lx\n",
1932 	       fp->ctr, fp->xer, fp->trap);
1933 	trap = TRAP(fp);
1934 	if (trap == INTERRUPT_DATA_STORAGE ||
1935 	    trap == INTERRUPT_DATA_SEGMENT ||
1936 	    trap == INTERRUPT_ALIGNMENT)
1937 		printf("dar = "REG"   dsisr = %.8lx\n", fp->dar, fp->dsisr);
1938 }
1939 
1940 static void cacheflush(void)
1941 {
1942 	int cmd;
1943 	unsigned long nflush;
1944 
1945 	cmd = inchar();
1946 	if (cmd != 'i')
1947 		termch = cmd;
1948 	scanhex((void *)&adrs);
1949 	if (termch != '\n')
1950 		termch = 0;
1951 	nflush = 1;
1952 	scanhex(&nflush);
1953 	nflush = (nflush + L1_CACHE_BYTES - 1) / L1_CACHE_BYTES;
1954 	if (setjmp(bus_error_jmp) == 0) {
1955 		catch_memory_errors = 1;
1956 		sync();
1957 
1958 		if (cmd != 'i' || IS_ENABLED(CONFIG_PPC_BOOK3S_64)) {
1959 			for (; nflush > 0; --nflush, adrs += L1_CACHE_BYTES)
1960 				cflush((void *) adrs);
1961 		} else {
1962 			for (; nflush > 0; --nflush, adrs += L1_CACHE_BYTES)
1963 				cinval((void *) adrs);
1964 		}
1965 		sync();
1966 		/* wait a little while to see if we get a machine check */
1967 		__delay(200);
1968 	}
1969 	catch_memory_errors = 0;
1970 }
1971 
1972 extern unsigned long xmon_mfspr(int spr, unsigned long default_value);
1973 extern void xmon_mtspr(int spr, unsigned long value);
1974 
1975 static int
1976 read_spr(int n, unsigned long *vp)
1977 {
1978 	unsigned long ret = -1UL;
1979 	int ok = 0;
1980 
1981 	if (setjmp(bus_error_jmp) == 0) {
1982 		catch_spr_faults = 1;
1983 		sync();
1984 
1985 		ret = xmon_mfspr(n, *vp);
1986 
1987 		sync();
1988 		*vp = ret;
1989 		ok = 1;
1990 	}
1991 	catch_spr_faults = 0;
1992 
1993 	return ok;
1994 }
1995 
1996 static void
1997 write_spr(int n, unsigned long val)
1998 {
1999 	if (xmon_is_ro) {
2000 		printf(xmon_ro_msg);
2001 		return;
2002 	}
2003 
2004 	if (setjmp(bus_error_jmp) == 0) {
2005 		catch_spr_faults = 1;
2006 		sync();
2007 
2008 		xmon_mtspr(n, val);
2009 
2010 		sync();
2011 	} else {
2012 		printf("SPR 0x%03x (%4d) Faulted during write\n", n, n);
2013 	}
2014 	catch_spr_faults = 0;
2015 }
2016 
2017 static void dump_206_sprs(void)
2018 {
2019 #ifdef CONFIG_PPC64
2020 	if (!cpu_has_feature(CPU_FTR_ARCH_206))
2021 		return;
2022 
2023 	/* Actually some of these pre-date 2.06, but whatever */
2024 
2025 	printf("srr0   = %.16lx  srr1  = %.16lx dsisr  = %.8lx\n",
2026 		mfspr(SPRN_SRR0), mfspr(SPRN_SRR1), mfspr(SPRN_DSISR));
2027 	printf("dscr   = %.16lx  ppr   = %.16lx pir    = %.8lx\n",
2028 		mfspr(SPRN_DSCR), mfspr(SPRN_PPR), mfspr(SPRN_PIR));
2029 	printf("amr    = %.16lx  uamor = %.16lx\n",
2030 		mfspr(SPRN_AMR), mfspr(SPRN_UAMOR));
2031 
2032 	if (!(mfmsr() & MSR_HV))
2033 		return;
2034 
2035 	printf("sdr1   = %.16lx  hdar  = %.16lx hdsisr = %.8lx\n",
2036 		mfspr(SPRN_SDR1), mfspr(SPRN_HDAR), mfspr(SPRN_HDSISR));
2037 	printf("hsrr0  = %.16lx hsrr1  = %.16lx hdec   = %.16lx\n",
2038 		mfspr(SPRN_HSRR0), mfspr(SPRN_HSRR1), mfspr(SPRN_HDEC));
2039 	printf("lpcr   = %.16lx  pcr   = %.16lx lpidr  = %.8lx\n",
2040 		mfspr(SPRN_LPCR), mfspr(SPRN_PCR), mfspr(SPRN_LPID));
2041 	printf("hsprg0 = %.16lx hsprg1 = %.16lx amor   = %.16lx\n",
2042 		mfspr(SPRN_HSPRG0), mfspr(SPRN_HSPRG1), mfspr(SPRN_AMOR));
2043 	printf("dabr   = %.16lx dabrx  = %.16lx\n",
2044 		mfspr(SPRN_DABR), mfspr(SPRN_DABRX));
2045 #endif
2046 }
2047 
2048 static void dump_207_sprs(void)
2049 {
2050 #ifdef CONFIG_PPC64
2051 	unsigned long msr;
2052 
2053 	if (!cpu_has_feature(CPU_FTR_ARCH_207S))
2054 		return;
2055 
2056 	printf("dpdes  = %.16lx  tir   = %.16lx cir    = %.8lx\n",
2057 		mfspr(SPRN_DPDES), mfspr(SPRN_TIR), mfspr(SPRN_CIR));
2058 
2059 	printf("fscr   = %.16lx  tar   = %.16lx pspb   = %.8lx\n",
2060 		mfspr(SPRN_FSCR), mfspr(SPRN_TAR), mfspr(SPRN_PSPB));
2061 
2062 	msr = mfmsr();
2063 	if (msr & MSR_TM) {
2064 		/* Only if TM has been enabled in the kernel */
2065 		printf("tfhar  = %.16lx  tfiar = %.16lx texasr = %.16lx\n",
2066 			mfspr(SPRN_TFHAR), mfspr(SPRN_TFIAR),
2067 			mfspr(SPRN_TEXASR));
2068 	}
2069 
2070 	printf("mmcr0  = %.16lx  mmcr1 = %.16lx mmcr2  = %.16lx\n",
2071 		mfspr(SPRN_MMCR0), mfspr(SPRN_MMCR1), mfspr(SPRN_MMCR2));
2072 	printf("pmc1   = %.8lx pmc2 = %.8lx  pmc3 = %.8lx  pmc4   = %.8lx\n",
2073 		mfspr(SPRN_PMC1), mfspr(SPRN_PMC2),
2074 		mfspr(SPRN_PMC3), mfspr(SPRN_PMC4));
2075 	printf("mmcra  = %.16lx   siar = %.16lx pmc5   = %.8lx\n",
2076 		mfspr(SPRN_MMCRA), mfspr(SPRN_SIAR), mfspr(SPRN_PMC5));
2077 	printf("sdar   = %.16lx   sier = %.16lx pmc6   = %.8lx\n",
2078 		mfspr(SPRN_SDAR), mfspr(SPRN_SIER), mfspr(SPRN_PMC6));
2079 	printf("ebbhr  = %.16lx  ebbrr = %.16lx bescr  = %.16lx\n",
2080 		mfspr(SPRN_EBBHR), mfspr(SPRN_EBBRR), mfspr(SPRN_BESCR));
2081 	printf("iamr   = %.16lx\n", mfspr(SPRN_IAMR));
2082 
2083 	if (!(msr & MSR_HV))
2084 		return;
2085 
2086 	printf("hfscr  = %.16lx  dhdes = %.16lx rpr    = %.16lx\n",
2087 		mfspr(SPRN_HFSCR), mfspr(SPRN_DHDES), mfspr(SPRN_RPR));
2088 	printf("dawr0  = %.16lx dawrx0 = %.16lx\n",
2089 	       mfspr(SPRN_DAWR0), mfspr(SPRN_DAWRX0));
2090 	if (nr_wp_slots() > 1) {
2091 		printf("dawr1  = %.16lx dawrx1 = %.16lx\n",
2092 		       mfspr(SPRN_DAWR1), mfspr(SPRN_DAWRX1));
2093 	}
2094 	printf("ciabr  = %.16lx\n", mfspr(SPRN_CIABR));
2095 #endif
2096 }
2097 
2098 static void dump_300_sprs(void)
2099 {
2100 #ifdef CONFIG_PPC64
2101 	bool hv = mfmsr() & MSR_HV;
2102 
2103 	if (!cpu_has_feature(CPU_FTR_ARCH_300))
2104 		return;
2105 
2106 	if (cpu_has_feature(CPU_FTR_P9_TIDR)) {
2107 		printf("pidr   = %.16lx  tidr  = %.16lx\n",
2108 			mfspr(SPRN_PID), mfspr(SPRN_TIDR));
2109 	} else {
2110 		printf("pidr   = %.16lx\n",
2111 			mfspr(SPRN_PID));
2112 	}
2113 
2114 	printf("psscr  = %.16lx\n",
2115 		hv ? mfspr(SPRN_PSSCR) : mfspr(SPRN_PSSCR_PR));
2116 
2117 	if (!hv)
2118 		return;
2119 
2120 	printf("ptcr   = %.16lx  asdr  = %.16lx\n",
2121 		mfspr(SPRN_PTCR), mfspr(SPRN_ASDR));
2122 #endif
2123 }
2124 
2125 static void dump_310_sprs(void)
2126 {
2127 #ifdef CONFIG_PPC64
2128 	if (!cpu_has_feature(CPU_FTR_ARCH_31))
2129 		return;
2130 
2131 	printf("mmcr3  = %.16lx, sier2  = %.16lx, sier3  = %.16lx\n",
2132 		mfspr(SPRN_MMCR3), mfspr(SPRN_SIER2), mfspr(SPRN_SIER3));
2133 
2134 #endif
2135 }
2136 
2137 static void dump_one_spr(int spr, bool show_unimplemented)
2138 {
2139 	unsigned long val;
2140 
2141 	val = 0xdeadbeef;
2142 	if (!read_spr(spr, &val)) {
2143 		printf("SPR 0x%03x (%4d) Faulted during read\n", spr, spr);
2144 		return;
2145 	}
2146 
2147 	if (val == 0xdeadbeef) {
2148 		/* Looks like read was a nop, confirm */
2149 		val = 0x0badcafe;
2150 		if (!read_spr(spr, &val)) {
2151 			printf("SPR 0x%03x (%4d) Faulted during read\n", spr, spr);
2152 			return;
2153 		}
2154 
2155 		if (val == 0x0badcafe) {
2156 			if (show_unimplemented)
2157 				printf("SPR 0x%03x (%4d) Unimplemented\n", spr, spr);
2158 			return;
2159 		}
2160 	}
2161 
2162 	printf("SPR 0x%03x (%4d) = 0x%lx\n", spr, spr, val);
2163 }
2164 
2165 static void super_regs(void)
2166 {
2167 	static unsigned long regno;
2168 	int cmd;
2169 	int spr;
2170 
2171 	cmd = skipbl();
2172 
2173 	switch (cmd) {
2174 	case '\n': {
2175 		unsigned long sp, toc;
2176 		asm("mr %0,1" : "=r" (sp) :);
2177 		asm("mr %0,2" : "=r" (toc) :);
2178 
2179 		printf("msr    = "REG"  sprg0 = "REG"\n",
2180 		       mfmsr(), mfspr(SPRN_SPRG0));
2181 		printf("pvr    = "REG"  sprg1 = "REG"\n",
2182 		       mfspr(SPRN_PVR), mfspr(SPRN_SPRG1));
2183 		printf("dec    = "REG"  sprg2 = "REG"\n",
2184 		       mfspr(SPRN_DEC), mfspr(SPRN_SPRG2));
2185 		printf("sp     = "REG"  sprg3 = "REG"\n", sp, mfspr(SPRN_SPRG3));
2186 		printf("toc    = "REG"  dar   = "REG"\n", toc, mfspr(SPRN_DAR));
2187 
2188 		dump_206_sprs();
2189 		dump_207_sprs();
2190 		dump_300_sprs();
2191 		dump_310_sprs();
2192 
2193 		return;
2194 	}
2195 	case 'w': {
2196 		unsigned long val;
2197 		scanhex(&regno);
2198 		val = 0;
2199 		read_spr(regno, &val);
2200 		scanhex(&val);
2201 		write_spr(regno, val);
2202 		dump_one_spr(regno, true);
2203 		break;
2204 	}
2205 	case 'r':
2206 		scanhex(&regno);
2207 		dump_one_spr(regno, true);
2208 		break;
2209 	case 'a':
2210 		/* dump ALL SPRs */
2211 		for (spr = 1; spr < 1024; ++spr)
2212 			dump_one_spr(spr, false);
2213 		break;
2214 	}
2215 
2216 	scannl();
2217 }
2218 
2219 /*
2220  * Stuff for reading and writing memory safely
2221  */
2222 static int
2223 mread(unsigned long adrs, void *buf, int size)
2224 {
2225 	volatile int n;
2226 	char *p, *q;
2227 
2228 	n = 0;
2229 	if (setjmp(bus_error_jmp) == 0) {
2230 		catch_memory_errors = 1;
2231 		sync();
2232 		p = (char *)adrs;
2233 		q = (char *)buf;
2234 		switch (size) {
2235 		case 2:
2236 			*(u16 *)q = *(u16 *)p;
2237 			break;
2238 		case 4:
2239 			*(u32 *)q = *(u32 *)p;
2240 			break;
2241 		case 8:
2242 			*(u64 *)q = *(u64 *)p;
2243 			break;
2244 		default:
2245 			for( ; n < size; ++n) {
2246 				*q++ = *p++;
2247 				sync();
2248 			}
2249 		}
2250 		sync();
2251 		/* wait a little while to see if we get a machine check */
2252 		__delay(200);
2253 		n = size;
2254 	}
2255 	catch_memory_errors = 0;
2256 	return n;
2257 }
2258 
2259 static int
2260 mwrite(unsigned long adrs, void *buf, int size)
2261 {
2262 	volatile int n;
2263 	char *p, *q;
2264 
2265 	n = 0;
2266 
2267 	if (xmon_is_ro) {
2268 		printf(xmon_ro_msg);
2269 		return n;
2270 	}
2271 
2272 	if (setjmp(bus_error_jmp) == 0) {
2273 		catch_memory_errors = 1;
2274 		sync();
2275 		p = (char *) adrs;
2276 		q = (char *) buf;
2277 		switch (size) {
2278 		case 2:
2279 			*(u16 *)p = *(u16 *)q;
2280 			break;
2281 		case 4:
2282 			*(u32 *)p = *(u32 *)q;
2283 			break;
2284 		case 8:
2285 			*(u64 *)p = *(u64 *)q;
2286 			break;
2287 		default:
2288 			for ( ; n < size; ++n) {
2289 				*p++ = *q++;
2290 				sync();
2291 			}
2292 		}
2293 		sync();
2294 		/* wait a little while to see if we get a machine check */
2295 		__delay(200);
2296 		n = size;
2297 	} else {
2298 		printf("*** Error writing address "REG"\n", adrs + n);
2299 	}
2300 	catch_memory_errors = 0;
2301 	return n;
2302 }
2303 
2304 static int
2305 mread_instr(unsigned long adrs, ppc_inst_t *instr)
2306 {
2307 	volatile int n;
2308 
2309 	n = 0;
2310 	if (setjmp(bus_error_jmp) == 0) {
2311 		catch_memory_errors = 1;
2312 		sync();
2313 		*instr = ppc_inst_read((u32 *)adrs);
2314 		sync();
2315 		/* wait a little while to see if we get a machine check */
2316 		__delay(200);
2317 		n = ppc_inst_len(*instr);
2318 	}
2319 	catch_memory_errors = 0;
2320 	return n;
2321 }
2322 
2323 static int fault_type;
2324 static int fault_except;
2325 static char *fault_chars[] = { "--", "**", "##" };
2326 
2327 static int handle_fault(struct pt_regs *regs)
2328 {
2329 	fault_except = TRAP(regs);
2330 	switch (TRAP(regs)) {
2331 	case 0x200:
2332 		fault_type = 0;
2333 		break;
2334 	case 0x300:
2335 	case 0x380:
2336 		fault_type = 1;
2337 		break;
2338 	default:
2339 		fault_type = 2;
2340 	}
2341 
2342 	longjmp(bus_error_jmp, 1);
2343 
2344 	return 0;
2345 }
2346 
2347 #define SWAP(a, b, t)	((t) = (a), (a) = (b), (b) = (t))
2348 
2349 static void
2350 byterev(unsigned char *val, int size)
2351 {
2352 	int t;
2353 
2354 	switch (size) {
2355 	case 2:
2356 		SWAP(val[0], val[1], t);
2357 		break;
2358 	case 4:
2359 		SWAP(val[0], val[3], t);
2360 		SWAP(val[1], val[2], t);
2361 		break;
2362 	case 8: /* is there really any use for this? */
2363 		SWAP(val[0], val[7], t);
2364 		SWAP(val[1], val[6], t);
2365 		SWAP(val[2], val[5], t);
2366 		SWAP(val[3], val[4], t);
2367 		break;
2368 	}
2369 }
2370 
2371 static int brev;
2372 static int mnoread;
2373 
2374 static char *memex_help_string =
2375     "Memory examine command usage:\n"
2376     "m [addr] [flags] examine/change memory\n"
2377     "  addr is optional.  will start where left off.\n"
2378     "  flags may include chars from this set:\n"
2379     "    b   modify by bytes (default)\n"
2380     "    w   modify by words (2 byte)\n"
2381     "    l   modify by longs (4 byte)\n"
2382     "    d   modify by doubleword (8 byte)\n"
2383     "    r   toggle reverse byte order mode\n"
2384     "    n   do not read memory (for i/o spaces)\n"
2385     "    .   ok to read (default)\n"
2386     "NOTE: flags are saved as defaults\n"
2387     "";
2388 
2389 static char *memex_subcmd_help_string =
2390     "Memory examine subcommands:\n"
2391     "  hexval   write this val to current location\n"
2392     "  'string' write chars from string to this location\n"
2393     "  '        increment address\n"
2394     "  ^        decrement address\n"
2395     "  /        increment addr by 0x10.  //=0x100, ///=0x1000, etc\n"
2396     "  \\        decrement addr by 0x10.  \\\\=0x100, \\\\\\=0x1000, etc\n"
2397     "  `        clear no-read flag\n"
2398     "  ;        stay at this addr\n"
2399     "  v        change to byte mode\n"
2400     "  w        change to word (2 byte) mode\n"
2401     "  l        change to long (4 byte) mode\n"
2402     "  u        change to doubleword (8 byte) mode\n"
2403     "  m addr   change current addr\n"
2404     "  n        toggle no-read flag\n"
2405     "  r        toggle byte reverse flag\n"
2406     "  < count  back up count bytes\n"
2407     "  > count  skip forward count bytes\n"
2408     "  x        exit this mode\n"
2409     "";
2410 
2411 static void
2412 memex(void)
2413 {
2414 	int cmd, inc, i, nslash;
2415 	unsigned long n;
2416 	unsigned char val[16];
2417 
2418 	scanhex((void *)&adrs);
2419 	cmd = skipbl();
2420 	if (cmd == '?') {
2421 		printf(memex_help_string);
2422 		return;
2423 	} else {
2424 		termch = cmd;
2425 	}
2426 	last_cmd = "m\n";
2427 	while ((cmd = skipbl()) != '\n') {
2428 		switch( cmd ){
2429 		case 'b':	size = 1;	break;
2430 		case 'w':	size = 2;	break;
2431 		case 'l':	size = 4;	break;
2432 		case 'd':	size = 8;	break;
2433 		case 'r': 	brev = !brev;	break;
2434 		case 'n':	mnoread = 1;	break;
2435 		case '.':	mnoread = 0;	break;
2436 		}
2437 	}
2438 	if( size <= 0 )
2439 		size = 1;
2440 	else if( size > 8 )
2441 		size = 8;
2442 	for(;;){
2443 		if (!mnoread)
2444 			n = mread(adrs, val, size);
2445 		printf(REG"%c", adrs, brev? 'r': ' ');
2446 		if (!mnoread) {
2447 			if (brev)
2448 				byterev(val, size);
2449 			putchar(' ');
2450 			for (i = 0; i < n; ++i)
2451 				printf("%.2x", val[i]);
2452 			for (; i < size; ++i)
2453 				printf("%s", fault_chars[fault_type]);
2454 		}
2455 		putchar(' ');
2456 		inc = size;
2457 		nslash = 0;
2458 		for(;;){
2459 			if( scanhex(&n) ){
2460 				for (i = 0; i < size; ++i)
2461 					val[i] = n >> (i * 8);
2462 				if (!brev)
2463 					byterev(val, size);
2464 				mwrite(adrs, val, size);
2465 				inc = size;
2466 			}
2467 			cmd = skipbl();
2468 			if (cmd == '\n')
2469 				break;
2470 			inc = 0;
2471 			switch (cmd) {
2472 			case '\'':
2473 				for(;;){
2474 					n = inchar();
2475 					if( n == '\\' )
2476 						n = bsesc();
2477 					else if( n == '\'' )
2478 						break;
2479 					for (i = 0; i < size; ++i)
2480 						val[i] = n >> (i * 8);
2481 					if (!brev)
2482 						byterev(val, size);
2483 					mwrite(adrs, val, size);
2484 					adrs += size;
2485 				}
2486 				adrs -= size;
2487 				inc = size;
2488 				break;
2489 			case ',':
2490 				adrs += size;
2491 				break;
2492 			case '.':
2493 				mnoread = 0;
2494 				break;
2495 			case ';':
2496 				break;
2497 			case 'x':
2498 			case EOF:
2499 				scannl();
2500 				return;
2501 			case 'b':
2502 			case 'v':
2503 				size = 1;
2504 				break;
2505 			case 'w':
2506 				size = 2;
2507 				break;
2508 			case 'l':
2509 				size = 4;
2510 				break;
2511 			case 'u':
2512 				size = 8;
2513 				break;
2514 			case '^':
2515 				adrs -= size;
2516 				break;
2517 			case '/':
2518 				if (nslash > 0)
2519 					adrs -= 1 << nslash;
2520 				else
2521 					nslash = 0;
2522 				nslash += 4;
2523 				adrs += 1 << nslash;
2524 				break;
2525 			case '\\':
2526 				if (nslash < 0)
2527 					adrs += 1 << -nslash;
2528 				else
2529 					nslash = 0;
2530 				nslash -= 4;
2531 				adrs -= 1 << -nslash;
2532 				break;
2533 			case 'm':
2534 				scanhex((void *)&adrs);
2535 				break;
2536 			case 'n':
2537 				mnoread = 1;
2538 				break;
2539 			case 'r':
2540 				brev = !brev;
2541 				break;
2542 			case '<':
2543 				n = size;
2544 				scanhex(&n);
2545 				adrs -= n;
2546 				break;
2547 			case '>':
2548 				n = size;
2549 				scanhex(&n);
2550 				adrs += n;
2551 				break;
2552 			case '?':
2553 				printf(memex_subcmd_help_string);
2554 				break;
2555 			}
2556 		}
2557 		adrs += inc;
2558 	}
2559 }
2560 
2561 static int
2562 bsesc(void)
2563 {
2564 	int c;
2565 
2566 	c = inchar();
2567 	switch( c ){
2568 	case 'n':	c = '\n';	break;
2569 	case 'r':	c = '\r';	break;
2570 	case 'b':	c = '\b';	break;
2571 	case 't':	c = '\t';	break;
2572 	}
2573 	return c;
2574 }
2575 
2576 static void xmon_rawdump (unsigned long adrs, long ndump)
2577 {
2578 	long n, m, r, nr;
2579 	unsigned char temp[16];
2580 
2581 	for (n = ndump; n > 0;) {
2582 		r = n < 16? n: 16;
2583 		nr = mread(adrs, temp, r);
2584 		adrs += nr;
2585 		for (m = 0; m < r; ++m) {
2586 			if (m < nr)
2587 				printf("%.2x", temp[m]);
2588 			else
2589 				printf("%s", fault_chars[fault_type]);
2590 		}
2591 		n -= r;
2592 		if (nr < r)
2593 			break;
2594 	}
2595 	printf("\n");
2596 }
2597 
2598 static void dump_tracing(void)
2599 {
2600 	int c;
2601 
2602 	c = inchar();
2603 	if (c == 'c')
2604 		ftrace_dump(DUMP_ORIG);
2605 	else
2606 		ftrace_dump(DUMP_ALL);
2607 }
2608 
2609 #ifdef CONFIG_PPC64
2610 static void dump_one_paca(int cpu)
2611 {
2612 	struct paca_struct *p;
2613 #ifdef CONFIG_PPC_64S_HASH_MMU
2614 	int i = 0;
2615 #endif
2616 
2617 	if (setjmp(bus_error_jmp) != 0) {
2618 		printf("*** Error dumping paca for cpu 0x%x!\n", cpu);
2619 		return;
2620 	}
2621 
2622 	catch_memory_errors = 1;
2623 	sync();
2624 
2625 	p = paca_ptrs[cpu];
2626 
2627 	printf("paca for cpu 0x%x @ %px:\n", cpu, p);
2628 
2629 	printf(" %-*s = %s\n", 25, "possible", cpu_possible(cpu) ? "yes" : "no");
2630 	printf(" %-*s = %s\n", 25, "present", cpu_present(cpu) ? "yes" : "no");
2631 	printf(" %-*s = %s\n", 25, "online", cpu_online(cpu) ? "yes" : "no");
2632 
2633 #define DUMP(paca, name, format)				\
2634 	printf(" %-*s = "format"\t(0x%lx)\n", 25, #name, 18, paca->name, \
2635 		offsetof(struct paca_struct, name));
2636 
2637 	DUMP(p, lock_token, "%#-*x");
2638 	DUMP(p, paca_index, "%#-*x");
2639 	DUMP(p, kernel_toc, "%#-*llx");
2640 	DUMP(p, kernelbase, "%#-*llx");
2641 	DUMP(p, kernel_msr, "%#-*llx");
2642 	DUMP(p, emergency_sp, "%-*px");
2643 #ifdef CONFIG_PPC_BOOK3S_64
2644 	DUMP(p, nmi_emergency_sp, "%-*px");
2645 	DUMP(p, mc_emergency_sp, "%-*px");
2646 	DUMP(p, in_nmi, "%#-*x");
2647 	DUMP(p, in_mce, "%#-*x");
2648 	DUMP(p, hmi_event_available, "%#-*x");
2649 #endif
2650 	DUMP(p, data_offset, "%#-*llx");
2651 	DUMP(p, hw_cpu_id, "%#-*x");
2652 	DUMP(p, cpu_start, "%#-*x");
2653 	DUMP(p, kexec_state, "%#-*x");
2654 #ifdef CONFIG_PPC_BOOK3S_64
2655 #ifdef CONFIG_PPC_64S_HASH_MMU
2656 	if (!early_radix_enabled()) {
2657 		for (i = 0; i < SLB_NUM_BOLTED; i++) {
2658 			u64 esid, vsid;
2659 
2660 			if (!p->slb_shadow_ptr)
2661 				continue;
2662 
2663 			esid = be64_to_cpu(p->slb_shadow_ptr->save_area[i].esid);
2664 			vsid = be64_to_cpu(p->slb_shadow_ptr->save_area[i].vsid);
2665 
2666 			if (esid || vsid) {
2667 				printf(" %-*s[%d] = 0x%016llx 0x%016llx\n",
2668 				       22, "slb_shadow", i, esid, vsid);
2669 			}
2670 		}
2671 		DUMP(p, vmalloc_sllp, "%#-*x");
2672 		DUMP(p, stab_rr, "%#-*x");
2673 		DUMP(p, slb_used_bitmap, "%#-*x");
2674 		DUMP(p, slb_kern_bitmap, "%#-*x");
2675 
2676 		if (!early_cpu_has_feature(CPU_FTR_ARCH_300)) {
2677 			DUMP(p, slb_cache_ptr, "%#-*x");
2678 			for (i = 0; i < SLB_CACHE_ENTRIES; i++)
2679 				printf(" %-*s[%d] = 0x%016x\n",
2680 				       22, "slb_cache", i, p->slb_cache[i]);
2681 		}
2682 	}
2683 #endif
2684 
2685 	DUMP(p, rfi_flush_fallback_area, "%-*px");
2686 #endif
2687 	DUMP(p, dscr_default, "%#-*llx");
2688 #ifdef CONFIG_PPC_BOOK3E_64
2689 	DUMP(p, pgd, "%-*px");
2690 	DUMP(p, kernel_pgd, "%-*px");
2691 	DUMP(p, tcd_ptr, "%-*px");
2692 	DUMP(p, mc_kstack, "%-*px");
2693 	DUMP(p, crit_kstack, "%-*px");
2694 	DUMP(p, dbg_kstack, "%-*px");
2695 #endif
2696 	DUMP(p, __current, "%-*px");
2697 	DUMP(p, kstack, "%#-*llx");
2698 	printf(" %-*s = 0x%016llx\n", 25, "kstack_base", p->kstack & ~(THREAD_SIZE - 1));
2699 #ifdef CONFIG_STACKPROTECTOR
2700 	DUMP(p, canary, "%#-*lx");
2701 #endif
2702 	DUMP(p, saved_r1, "%#-*llx");
2703 #ifdef CONFIG_PPC_BOOK3E_64
2704 	DUMP(p, trap_save, "%#-*x");
2705 #endif
2706 	DUMP(p, irq_soft_mask, "%#-*x");
2707 	DUMP(p, irq_happened, "%#-*x");
2708 #ifdef CONFIG_MMIOWB
2709 	DUMP(p, mmiowb_state.nesting_count, "%#-*x");
2710 	DUMP(p, mmiowb_state.mmiowb_pending, "%#-*x");
2711 #endif
2712 	DUMP(p, irq_work_pending, "%#-*x");
2713 	DUMP(p, sprg_vdso, "%#-*llx");
2714 
2715 #ifdef CONFIG_PPC_TRANSACTIONAL_MEM
2716 	DUMP(p, tm_scratch, "%#-*llx");
2717 #endif
2718 
2719 #ifdef CONFIG_PPC_POWERNV
2720 	DUMP(p, idle_state, "%#-*lx");
2721 	if (!early_cpu_has_feature(CPU_FTR_ARCH_300)) {
2722 		DUMP(p, thread_idle_state, "%#-*x");
2723 		DUMP(p, subcore_sibling_mask, "%#-*x");
2724 	} else {
2725 #ifdef CONFIG_KVM_BOOK3S_HV_POSSIBLE
2726 		DUMP(p, requested_psscr, "%#-*llx");
2727 		DUMP(p, dont_stop.counter, "%#-*x");
2728 #endif
2729 	}
2730 #endif
2731 
2732 	DUMP(p, accounting.utime, "%#-*lx");
2733 	DUMP(p, accounting.stime, "%#-*lx");
2734 #ifdef CONFIG_ARCH_HAS_SCALED_CPUTIME
2735 	DUMP(p, accounting.utime_scaled, "%#-*lx");
2736 #endif
2737 	DUMP(p, accounting.starttime, "%#-*lx");
2738 	DUMP(p, accounting.starttime_user, "%#-*lx");
2739 #ifdef CONFIG_ARCH_HAS_SCALED_CPUTIME
2740 	DUMP(p, accounting.startspurr, "%#-*lx");
2741 	DUMP(p, accounting.utime_sspurr, "%#-*lx");
2742 #endif
2743 	DUMP(p, accounting.steal_time, "%#-*lx");
2744 #undef DUMP
2745 
2746 	catch_memory_errors = 0;
2747 	sync();
2748 }
2749 
2750 static void dump_all_pacas(void)
2751 {
2752 	int cpu;
2753 
2754 	if (num_possible_cpus() == 0) {
2755 		printf("No possible cpus, use 'dp #' to dump individual cpus\n");
2756 		return;
2757 	}
2758 
2759 	for_each_possible_cpu(cpu)
2760 		dump_one_paca(cpu);
2761 }
2762 
2763 static void dump_pacas(void)
2764 {
2765 	unsigned long num;
2766 	int c;
2767 
2768 	c = inchar();
2769 	if (c == 'a') {
2770 		dump_all_pacas();
2771 		return;
2772 	}
2773 
2774 	termch = c;	/* Put c back, it wasn't 'a' */
2775 
2776 	if (scanhex(&num))
2777 		dump_one_paca(num);
2778 	else
2779 		dump_one_paca(xmon_owner);
2780 }
2781 #endif
2782 
2783 #ifdef CONFIG_PPC_POWERNV
2784 static void dump_one_xive(int cpu)
2785 {
2786 	unsigned int hwid = get_hard_smp_processor_id(cpu);
2787 	bool hv = cpu_has_feature(CPU_FTR_HVMODE);
2788 
2789 	if (hv) {
2790 		opal_xive_dump(XIVE_DUMP_TM_HYP, hwid);
2791 		opal_xive_dump(XIVE_DUMP_TM_POOL, hwid);
2792 		opal_xive_dump(XIVE_DUMP_TM_OS, hwid);
2793 		opal_xive_dump(XIVE_DUMP_TM_USER, hwid);
2794 		opal_xive_dump(XIVE_DUMP_VP, hwid);
2795 		opal_xive_dump(XIVE_DUMP_EMU_STATE, hwid);
2796 	}
2797 
2798 	if (setjmp(bus_error_jmp) != 0) {
2799 		catch_memory_errors = 0;
2800 		printf("*** Error dumping xive on cpu %d\n", cpu);
2801 		return;
2802 	}
2803 
2804 	catch_memory_errors = 1;
2805 	sync();
2806 	xmon_xive_do_dump(cpu);
2807 	sync();
2808 	__delay(200);
2809 	catch_memory_errors = 0;
2810 }
2811 
2812 static void dump_all_xives(void)
2813 {
2814 	int cpu;
2815 
2816 	if (num_online_cpus() == 0) {
2817 		printf("No possible cpus, use 'dx #' to dump individual cpus\n");
2818 		return;
2819 	}
2820 
2821 	for_each_online_cpu(cpu)
2822 		dump_one_xive(cpu);
2823 }
2824 
2825 static void dump_xives(void)
2826 {
2827 	unsigned long num;
2828 	int c;
2829 
2830 	if (!xive_enabled()) {
2831 		printf("Xive disabled on this system\n");
2832 		return;
2833 	}
2834 
2835 	c = inchar();
2836 	if (c == 'a') {
2837 		dump_all_xives();
2838 		return;
2839 	} else if (c == 'i') {
2840 		if (scanhex(&num))
2841 			xmon_xive_get_irq_config(num, NULL);
2842 		else
2843 			xmon_xive_get_irq_all();
2844 		return;
2845 	}
2846 
2847 	termch = c;	/* Put c back, it wasn't 'a' */
2848 
2849 	if (scanhex(&num))
2850 		dump_one_xive(num);
2851 	else
2852 		dump_one_xive(xmon_owner);
2853 }
2854 #endif /* CONFIG_PPC_POWERNV */
2855 
2856 static void dump_by_size(unsigned long addr, long count, int size)
2857 {
2858 	unsigned char temp[16];
2859 	int i, j;
2860 	u64 val;
2861 
2862 	count = ALIGN(count, 16);
2863 
2864 	for (i = 0; i < count; i += 16, addr += 16) {
2865 		printf(REG, addr);
2866 
2867 		if (mread(addr, temp, 16) != 16) {
2868 			printf("\nFaulted reading %d bytes from 0x"REG"\n", 16, addr);
2869 			return;
2870 		}
2871 
2872 		for (j = 0; j < 16; j += size) {
2873 			putchar(' ');
2874 			switch (size) {
2875 			case 1: val = temp[j]; break;
2876 			case 2: val = *(u16 *)&temp[j]; break;
2877 			case 4: val = *(u32 *)&temp[j]; break;
2878 			case 8: val = *(u64 *)&temp[j]; break;
2879 			default: val = 0;
2880 			}
2881 
2882 			printf("%0*llx", size * 2, val);
2883 		}
2884 		printf("  |");
2885 		for (j = 0; j < 16; ++j) {
2886 			val = temp[j];
2887 			putchar(' ' <= val && val <= '~' ? val : '.');
2888 		}
2889 		printf("|\n");
2890 	}
2891 }
2892 
2893 static void
2894 dump(void)
2895 {
2896 	static char last[] = { "d?\n" };
2897 	int c;
2898 
2899 	c = inchar();
2900 
2901 #ifdef CONFIG_PPC64
2902 	if (c == 'p') {
2903 		xmon_start_pagination();
2904 		dump_pacas();
2905 		xmon_end_pagination();
2906 		return;
2907 	}
2908 #endif
2909 #ifdef CONFIG_PPC_POWERNV
2910 	if (c == 'x') {
2911 		xmon_start_pagination();
2912 		dump_xives();
2913 		xmon_end_pagination();
2914 		return;
2915 	}
2916 #endif
2917 
2918 	if (c == 't') {
2919 		dump_tracing();
2920 		return;
2921 	}
2922 
2923 	if (c == '\n')
2924 		termch = c;
2925 
2926 	scanhex((void *)&adrs);
2927 	if (termch != '\n')
2928 		termch = 0;
2929 	if (c == 'i') {
2930 		scanhex(&nidump);
2931 		if (nidump == 0)
2932 			nidump = 16;
2933 		else if (nidump > MAX_IDUMP)
2934 			nidump = MAX_IDUMP;
2935 		adrs += ppc_inst_dump(adrs, nidump, 1);
2936 		last_cmd = "di\n";
2937 	} else if (c == 'l') {
2938 		dump_log_buf();
2939 	} else if (c == 'o') {
2940 		dump_opal_msglog();
2941 	} else if (c == 'v') {
2942 		/* dump virtual to physical translation */
2943 		show_pte(adrs);
2944 	} else if (c == 'r') {
2945 		scanhex(&ndump);
2946 		if (ndump == 0)
2947 			ndump = 64;
2948 		xmon_rawdump(adrs, ndump);
2949 		adrs += ndump;
2950 		last_cmd = "dr\n";
2951 	} else {
2952 		scanhex(&ndump);
2953 		if (ndump == 0)
2954 			ndump = 64;
2955 		else if (ndump > MAX_DUMP)
2956 			ndump = MAX_DUMP;
2957 
2958 		switch (c) {
2959 		case '8':
2960 		case '4':
2961 		case '2':
2962 		case '1':
2963 			ndump = ALIGN(ndump, 16);
2964 			dump_by_size(adrs, ndump, c - '0');
2965 			last[1] = c;
2966 			last_cmd = last;
2967 			break;
2968 		default:
2969 			prdump(adrs, ndump);
2970 			last_cmd = "d\n";
2971 		}
2972 
2973 		adrs += ndump;
2974 	}
2975 }
2976 
2977 static void
2978 prdump(unsigned long adrs, long ndump)
2979 {
2980 	long n, m, c, r, nr;
2981 	unsigned char temp[16];
2982 
2983 	for (n = ndump; n > 0;) {
2984 		printf(REG, adrs);
2985 		putchar(' ');
2986 		r = n < 16? n: 16;
2987 		nr = mread(adrs, temp, r);
2988 		adrs += nr;
2989 		for (m = 0; m < r; ++m) {
2990 			if ((m & (sizeof(long) - 1)) == 0 && m > 0)
2991 				putchar(' ');
2992 			if (m < nr)
2993 				printf("%.2x", temp[m]);
2994 			else
2995 				printf("%s", fault_chars[fault_type]);
2996 		}
2997 		for (; m < 16; ++m) {
2998 			if ((m & (sizeof(long) - 1)) == 0)
2999 				putchar(' ');
3000 			printf("  ");
3001 		}
3002 		printf("  |");
3003 		for (m = 0; m < r; ++m) {
3004 			if (m < nr) {
3005 				c = temp[m];
3006 				putchar(' ' <= c && c <= '~'? c: '.');
3007 			} else
3008 				putchar(' ');
3009 		}
3010 		n -= r;
3011 		for (; m < 16; ++m)
3012 			putchar(' ');
3013 		printf("|\n");
3014 		if (nr < r)
3015 			break;
3016 	}
3017 }
3018 
3019 typedef int (*instruction_dump_func)(unsigned long inst, unsigned long addr);
3020 
3021 static int
3022 generic_inst_dump(unsigned long adr, long count, int praddr,
3023 			instruction_dump_func dump_func)
3024 {
3025 	int nr, dotted;
3026 	unsigned long first_adr;
3027 	ppc_inst_t inst, last_inst = ppc_inst(0);
3028 
3029 	dotted = 0;
3030 	for (first_adr = adr; count > 0; --count, adr += ppc_inst_len(inst)) {
3031 		nr = mread_instr(adr, &inst);
3032 		if (nr == 0) {
3033 			if (praddr) {
3034 				const char *x = fault_chars[fault_type];
3035 				printf(REG"  %s%s%s%s\n", adr, x, x, x, x);
3036 			}
3037 			break;
3038 		}
3039 		if (adr > first_adr && ppc_inst_equal(inst, last_inst)) {
3040 			if (!dotted) {
3041 				printf(" ...\n");
3042 				dotted = 1;
3043 			}
3044 			continue;
3045 		}
3046 		dotted = 0;
3047 		last_inst = inst;
3048 		if (praddr)
3049 			printf(REG"  %08lx", adr, ppc_inst_as_ulong(inst));
3050 		printf("\t");
3051 		if (!ppc_inst_prefixed(inst))
3052 			dump_func(ppc_inst_val(inst), adr);
3053 		else
3054 			dump_func(ppc_inst_as_ulong(inst), adr);
3055 		printf("\n");
3056 	}
3057 	return adr - first_adr;
3058 }
3059 
3060 static int
3061 ppc_inst_dump(unsigned long adr, long count, int praddr)
3062 {
3063 	return generic_inst_dump(adr, count, praddr, print_insn_powerpc);
3064 }
3065 
3066 void
3067 print_address(unsigned long addr)
3068 {
3069 	xmon_print_symbol(addr, "\t# ", "");
3070 }
3071 
3072 static void
3073 dump_log_buf(void)
3074 {
3075 	struct kmsg_dump_iter iter;
3076 	static unsigned char buf[1024];
3077 	size_t len;
3078 
3079 	if (setjmp(bus_error_jmp) != 0) {
3080 		printf("Error dumping printk buffer!\n");
3081 		return;
3082 	}
3083 
3084 	catch_memory_errors = 1;
3085 	sync();
3086 
3087 	kmsg_dump_rewind(&iter);
3088 	xmon_start_pagination();
3089 	while (kmsg_dump_get_line(&iter, false, buf, sizeof(buf), &len)) {
3090 		buf[len] = '\0';
3091 		printf("%s", buf);
3092 	}
3093 	xmon_end_pagination();
3094 
3095 	sync();
3096 	/* wait a little while to see if we get a machine check */
3097 	__delay(200);
3098 	catch_memory_errors = 0;
3099 }
3100 
3101 #ifdef CONFIG_PPC_POWERNV
3102 static void dump_opal_msglog(void)
3103 {
3104 	unsigned char buf[128];
3105 	ssize_t res;
3106 	volatile loff_t pos = 0;
3107 
3108 	if (!firmware_has_feature(FW_FEATURE_OPAL)) {
3109 		printf("Machine is not running OPAL firmware.\n");
3110 		return;
3111 	}
3112 
3113 	if (setjmp(bus_error_jmp) != 0) {
3114 		printf("Error dumping OPAL msglog!\n");
3115 		return;
3116 	}
3117 
3118 	catch_memory_errors = 1;
3119 	sync();
3120 
3121 	xmon_start_pagination();
3122 	while ((res = opal_msglog_copy(buf, pos, sizeof(buf) - 1))) {
3123 		if (res < 0) {
3124 			printf("Error dumping OPAL msglog! Error: %zd\n", res);
3125 			break;
3126 		}
3127 		buf[res] = '\0';
3128 		printf("%s", buf);
3129 		pos += res;
3130 	}
3131 	xmon_end_pagination();
3132 
3133 	sync();
3134 	/* wait a little while to see if we get a machine check */
3135 	__delay(200);
3136 	catch_memory_errors = 0;
3137 }
3138 #endif
3139 
3140 /*
3141  * Memory operations - move, set, print differences
3142  */
3143 static unsigned long mdest;		/* destination address */
3144 static unsigned long msrc;		/* source address */
3145 static unsigned long mval;		/* byte value to set memory to */
3146 static unsigned long mcount;		/* # bytes to affect */
3147 static unsigned long mdiffs;		/* max # differences to print */
3148 
3149 static void
3150 memops(int cmd)
3151 {
3152 	scanhex((void *)&mdest);
3153 	if( termch != '\n' )
3154 		termch = 0;
3155 	scanhex((void *)(cmd == 's'? &mval: &msrc));
3156 	if( termch != '\n' )
3157 		termch = 0;
3158 	scanhex((void *)&mcount);
3159 	switch( cmd ){
3160 	case 'm':
3161 		if (xmon_is_ro) {
3162 			printf(xmon_ro_msg);
3163 			break;
3164 		}
3165 		memmove((void *)mdest, (void *)msrc, mcount);
3166 		break;
3167 	case 's':
3168 		if (xmon_is_ro) {
3169 			printf(xmon_ro_msg);
3170 			break;
3171 		}
3172 		memset((void *)mdest, mval, mcount);
3173 		break;
3174 	case 'd':
3175 		if( termch != '\n' )
3176 			termch = 0;
3177 		scanhex((void *)&mdiffs);
3178 		memdiffs((unsigned char *)mdest, (unsigned char *)msrc, mcount, mdiffs);
3179 		break;
3180 	}
3181 }
3182 
3183 static void
3184 memdiffs(unsigned char *p1, unsigned char *p2, unsigned nb, unsigned maxpr)
3185 {
3186 	unsigned n, prt;
3187 
3188 	prt = 0;
3189 	for( n = nb; n > 0; --n )
3190 		if( *p1++ != *p2++ )
3191 			if( ++prt <= maxpr )
3192 				printf("%px %.2x # %px %.2x\n", p1 - 1,
3193 					p1[-1], p2 - 1, p2[-1]);
3194 	if( prt > maxpr )
3195 		printf("Total of %d differences\n", prt);
3196 }
3197 
3198 static unsigned mend;
3199 static unsigned mask;
3200 
3201 static void
3202 memlocate(void)
3203 {
3204 	unsigned a, n;
3205 	unsigned char val[4];
3206 
3207 	last_cmd = "ml";
3208 	scanhex((void *)&mdest);
3209 	if (termch != '\n') {
3210 		termch = 0;
3211 		scanhex((void *)&mend);
3212 		if (termch != '\n') {
3213 			termch = 0;
3214 			scanhex((void *)&mval);
3215 			mask = ~0;
3216 			if (termch != '\n') termch = 0;
3217 			scanhex((void *)&mask);
3218 		}
3219 	}
3220 	n = 0;
3221 	for (a = mdest; a < mend; a += 4) {
3222 		if (mread(a, val, 4) == 4
3223 			&& ((GETWORD(val) ^ mval) & mask) == 0) {
3224 			printf("%.16x:  %.16x\n", a, GETWORD(val));
3225 			if (++n >= 10)
3226 				break;
3227 		}
3228 	}
3229 }
3230 
3231 static unsigned long mskip = 0x1000;
3232 static unsigned long mlim = 0xffffffff;
3233 
3234 static void
3235 memzcan(void)
3236 {
3237 	unsigned char v;
3238 	unsigned a;
3239 	int ok, ook;
3240 
3241 	scanhex(&mdest);
3242 	if (termch != '\n') termch = 0;
3243 	scanhex(&mskip);
3244 	if (termch != '\n') termch = 0;
3245 	scanhex(&mlim);
3246 	ook = 0;
3247 	for (a = mdest; a < mlim; a += mskip) {
3248 		ok = mread(a, &v, 1);
3249 		if (ok && !ook) {
3250 			printf("%.8x .. ", a);
3251 		} else if (!ok && ook)
3252 			printf("%.8lx\n", a - mskip);
3253 		ook = ok;
3254 		if (a + mskip < a)
3255 			break;
3256 	}
3257 	if (ook)
3258 		printf("%.8lx\n", a - mskip);
3259 }
3260 
3261 static void show_task(struct task_struct *volatile tsk)
3262 {
3263 	unsigned int p_state = READ_ONCE(tsk->__state);
3264 	char state;
3265 
3266 	/*
3267 	 * Cloned from kdb_task_state_char(), which is not entirely
3268 	 * appropriate for calling from xmon. This could be moved
3269 	 * to a common, generic, routine used by both.
3270 	 */
3271 	state = (p_state == TASK_RUNNING) ? 'R' :
3272 		(p_state & TASK_UNINTERRUPTIBLE) ? 'D' :
3273 		(p_state & TASK_STOPPED) ? 'T' :
3274 		(p_state & TASK_TRACED) ? 'C' :
3275 		(tsk->exit_state & EXIT_ZOMBIE) ? 'Z' :
3276 		(tsk->exit_state & EXIT_DEAD) ? 'E' :
3277 		(p_state & TASK_INTERRUPTIBLE) ? 'S' : '?';
3278 
3279 	printf("%16px %16lx %16px %6d %6d %c %2d %s\n", tsk,
3280 		tsk->thread.ksp, tsk->thread.regs,
3281 		tsk->pid, rcu_dereference(tsk->parent)->pid,
3282 		state, task_cpu(tsk),
3283 		tsk->comm);
3284 }
3285 
3286 #ifdef CONFIG_PPC_BOOK3S_64
3287 static void format_pte(void *ptep, unsigned long pte)
3288 {
3289 	pte_t entry = __pte(pte);
3290 
3291 	printf("ptep @ 0x%016lx = 0x%016lx\n", (unsigned long)ptep, pte);
3292 	printf("Maps physical address = 0x%016lx\n", pte & PTE_RPN_MASK);
3293 
3294 	printf("Flags = %s%s%s%s%s\n",
3295 	       pte_young(entry) ? "Accessed " : "",
3296 	       pte_dirty(entry) ? "Dirty " : "",
3297 	       pte_read(entry)  ? "Read " : "",
3298 	       pte_write(entry) ? "Write " : "",
3299 	       pte_exec(entry)  ? "Exec " : "");
3300 }
3301 
3302 static void show_pte(unsigned long addr)
3303 {
3304 	unsigned long tskv = 0;
3305 	struct task_struct *volatile tsk = NULL;
3306 	struct mm_struct *mm;
3307 	pgd_t *pgdp;
3308 	p4d_t *p4dp;
3309 	pud_t *pudp;
3310 	pmd_t *pmdp;
3311 	pte_t *ptep;
3312 
3313 	if (!scanhex(&tskv))
3314 		mm = &init_mm;
3315 	else
3316 		tsk = (struct task_struct *)tskv;
3317 
3318 	if (tsk == NULL)
3319 		mm = &init_mm;
3320 	else
3321 		mm = tsk->active_mm;
3322 
3323 	if (setjmp(bus_error_jmp) != 0) {
3324 		catch_memory_errors = 0;
3325 		printf("*** Error dumping pte for task %px\n", tsk);
3326 		return;
3327 	}
3328 
3329 	catch_memory_errors = 1;
3330 	sync();
3331 
3332 	if (mm == &init_mm)
3333 		pgdp = pgd_offset_k(addr);
3334 	else
3335 		pgdp = pgd_offset(mm, addr);
3336 
3337 	p4dp = p4d_offset(pgdp, addr);
3338 
3339 	if (p4d_none(*p4dp)) {
3340 		printf("No valid P4D\n");
3341 		return;
3342 	}
3343 
3344 	if (p4d_is_leaf(*p4dp)) {
3345 		format_pte(p4dp, p4d_val(*p4dp));
3346 		return;
3347 	}
3348 
3349 	printf("p4dp @ 0x%px = 0x%016lx\n", p4dp, p4d_val(*p4dp));
3350 
3351 	pudp = pud_offset(p4dp, addr);
3352 
3353 	if (pud_none(*pudp)) {
3354 		printf("No valid PUD\n");
3355 		return;
3356 	}
3357 
3358 	if (pud_is_leaf(*pudp)) {
3359 		format_pte(pudp, pud_val(*pudp));
3360 		return;
3361 	}
3362 
3363 	printf("pudp @ 0x%px = 0x%016lx\n", pudp, pud_val(*pudp));
3364 
3365 	pmdp = pmd_offset(pudp, addr);
3366 
3367 	if (pmd_none(*pmdp)) {
3368 		printf("No valid PMD\n");
3369 		return;
3370 	}
3371 
3372 	if (pmd_is_leaf(*pmdp)) {
3373 		format_pte(pmdp, pmd_val(*pmdp));
3374 		return;
3375 	}
3376 	printf("pmdp @ 0x%px = 0x%016lx\n", pmdp, pmd_val(*pmdp));
3377 
3378 	ptep = pte_offset_map(pmdp, addr);
3379 	if (pte_none(*ptep)) {
3380 		printf("no valid PTE\n");
3381 		return;
3382 	}
3383 
3384 	format_pte(ptep, pte_val(*ptep));
3385 
3386 	sync();
3387 	__delay(200);
3388 	catch_memory_errors = 0;
3389 }
3390 #else
3391 static void show_pte(unsigned long addr)
3392 {
3393 	printf("show_pte not yet implemented\n");
3394 }
3395 #endif /* CONFIG_PPC_BOOK3S_64 */
3396 
3397 static void show_tasks(void)
3398 {
3399 	unsigned long tskv;
3400 	struct task_struct *volatile tsk = NULL;
3401 
3402 	printf("     task_struct     ->thread.ksp    ->thread.regs    PID   PPID S  P CMD\n");
3403 
3404 	if (scanhex(&tskv))
3405 		tsk = (struct task_struct *)tskv;
3406 
3407 	if (setjmp(bus_error_jmp) != 0) {
3408 		catch_memory_errors = 0;
3409 		printf("*** Error dumping task %px\n", tsk);
3410 		return;
3411 	}
3412 
3413 	catch_memory_errors = 1;
3414 	sync();
3415 
3416 	if (tsk)
3417 		show_task(tsk);
3418 	else
3419 		for_each_process(tsk)
3420 			show_task(tsk);
3421 
3422 	sync();
3423 	__delay(200);
3424 	catch_memory_errors = 0;
3425 }
3426 
3427 static void proccall(void)
3428 {
3429 	unsigned long args[8];
3430 	unsigned long ret;
3431 	int i;
3432 	typedef unsigned long (*callfunc_t)(unsigned long, unsigned long,
3433 			unsigned long, unsigned long, unsigned long,
3434 			unsigned long, unsigned long, unsigned long);
3435 	callfunc_t func;
3436 
3437 	if (!scanhex(&adrs))
3438 		return;
3439 	if (termch != '\n')
3440 		termch = 0;
3441 	for (i = 0; i < 8; ++i)
3442 		args[i] = 0;
3443 	for (i = 0; i < 8; ++i) {
3444 		if (!scanhex(&args[i]) || termch == '\n')
3445 			break;
3446 		termch = 0;
3447 	}
3448 	func = (callfunc_t) adrs;
3449 	ret = 0;
3450 	if (setjmp(bus_error_jmp) == 0) {
3451 		catch_memory_errors = 1;
3452 		sync();
3453 		ret = func(args[0], args[1], args[2], args[3],
3454 			   args[4], args[5], args[6], args[7]);
3455 		sync();
3456 		printf("return value is 0x%lx\n", ret);
3457 	} else {
3458 		printf("*** %x exception occurred\n", fault_except);
3459 	}
3460 	catch_memory_errors = 0;
3461 }
3462 
3463 /* Input scanning routines */
3464 int
3465 skipbl(void)
3466 {
3467 	int c;
3468 
3469 	if( termch != 0 ){
3470 		c = termch;
3471 		termch = 0;
3472 	} else
3473 		c = inchar();
3474 	while( c == ' ' || c == '\t' )
3475 		c = inchar();
3476 	return c;
3477 }
3478 
3479 #define N_PTREGS	44
3480 static const char *regnames[N_PTREGS] = {
3481 	"r0", "r1", "r2", "r3", "r4", "r5", "r6", "r7",
3482 	"r8", "r9", "r10", "r11", "r12", "r13", "r14", "r15",
3483 	"r16", "r17", "r18", "r19", "r20", "r21", "r22", "r23",
3484 	"r24", "r25", "r26", "r27", "r28", "r29", "r30", "r31",
3485 	"pc", "msr", "or3", "ctr", "lr", "xer", "ccr",
3486 #ifdef CONFIG_PPC64
3487 	"softe",
3488 #else
3489 	"mq",
3490 #endif
3491 	"trap", "dar", "dsisr", "res"
3492 };
3493 
3494 int
3495 scanhex(unsigned long *vp)
3496 {
3497 	int c, d;
3498 	unsigned long v;
3499 
3500 	c = skipbl();
3501 	if (c == '%') {
3502 		/* parse register name */
3503 		char regname[8];
3504 		int i;
3505 
3506 		for (i = 0; i < sizeof(regname) - 1; ++i) {
3507 			c = inchar();
3508 			if (!isalnum(c)) {
3509 				termch = c;
3510 				break;
3511 			}
3512 			regname[i] = c;
3513 		}
3514 		regname[i] = 0;
3515 		i = match_string(regnames, N_PTREGS, regname);
3516 		if (i < 0) {
3517 			printf("invalid register name '%%%s'\n", regname);
3518 			return 0;
3519 		}
3520 		if (xmon_regs == NULL) {
3521 			printf("regs not available\n");
3522 			return 0;
3523 		}
3524 		*vp = ((unsigned long *)xmon_regs)[i];
3525 		return 1;
3526 	}
3527 
3528 	/* skip leading "0x" if any */
3529 
3530 	if (c == '0') {
3531 		c = inchar();
3532 		if (c == 'x') {
3533 			c = inchar();
3534 		} else {
3535 			d = hexdigit(c);
3536 			if (d == EOF) {
3537 				termch = c;
3538 				*vp = 0;
3539 				return 1;
3540 			}
3541 		}
3542 	} else if (c == '$') {
3543 		int i;
3544 		for (i=0; i<63; i++) {
3545 			c = inchar();
3546 			if (isspace(c) || c == '\0') {
3547 				termch = c;
3548 				break;
3549 			}
3550 			tmpstr[i] = c;
3551 		}
3552 		tmpstr[i++] = 0;
3553 		*vp = 0;
3554 		if (setjmp(bus_error_jmp) == 0) {
3555 			catch_memory_errors = 1;
3556 			sync();
3557 			*vp = kallsyms_lookup_name(tmpstr);
3558 			sync();
3559 		}
3560 		catch_memory_errors = 0;
3561 		if (!(*vp)) {
3562 			printf("unknown symbol '%s'\n", tmpstr);
3563 			return 0;
3564 		}
3565 		return 1;
3566 	}
3567 
3568 	d = hexdigit(c);
3569 	if (d == EOF) {
3570 		termch = c;
3571 		return 0;
3572 	}
3573 	v = 0;
3574 	do {
3575 		v = (v << 4) + d;
3576 		c = inchar();
3577 		d = hexdigit(c);
3578 	} while (d != EOF);
3579 	termch = c;
3580 	*vp = v;
3581 	return 1;
3582 }
3583 
3584 static void
3585 scannl(void)
3586 {
3587 	int c;
3588 
3589 	c = termch;
3590 	termch = 0;
3591 	while( c != '\n' )
3592 		c = inchar();
3593 }
3594 
3595 static int hexdigit(int c)
3596 {
3597 	if( '0' <= c && c <= '9' )
3598 		return c - '0';
3599 	if( 'A' <= c && c <= 'F' )
3600 		return c - ('A' - 10);
3601 	if( 'a' <= c && c <= 'f' )
3602 		return c - ('a' - 10);
3603 	return EOF;
3604 }
3605 
3606 void
3607 getstring(char *s, int size)
3608 {
3609 	int c;
3610 
3611 	c = skipbl();
3612 	if (c == '\n') {
3613 		*s = 0;
3614 		return;
3615 	}
3616 
3617 	do {
3618 		if( size > 1 ){
3619 			*s++ = c;
3620 			--size;
3621 		}
3622 		c = inchar();
3623 	} while( c != ' ' && c != '\t' && c != '\n' );
3624 	termch = c;
3625 	*s = 0;
3626 }
3627 
3628 static char line[256];
3629 static char *lineptr;
3630 
3631 static void
3632 flush_input(void)
3633 {
3634 	lineptr = NULL;
3635 }
3636 
3637 static int
3638 inchar(void)
3639 {
3640 	if (lineptr == NULL || *lineptr == 0) {
3641 		if (xmon_gets(line, sizeof(line)) == NULL) {
3642 			lineptr = NULL;
3643 			return EOF;
3644 		}
3645 		lineptr = line;
3646 	}
3647 	return *lineptr++;
3648 }
3649 
3650 static void
3651 take_input(char *str)
3652 {
3653 	lineptr = str;
3654 }
3655 
3656 
3657 static void
3658 symbol_lookup(void)
3659 {
3660 	int type = inchar();
3661 	unsigned long addr, cpu;
3662 	void __percpu *ptr = NULL;
3663 	static char tmp[64];
3664 
3665 	switch (type) {
3666 	case 'a':
3667 		if (scanhex(&addr))
3668 			xmon_print_symbol(addr, ": ", "\n");
3669 		termch = 0;
3670 		break;
3671 	case 's':
3672 		getstring(tmp, 64);
3673 		if (setjmp(bus_error_jmp) == 0) {
3674 			catch_memory_errors = 1;
3675 			sync();
3676 			addr = kallsyms_lookup_name(tmp);
3677 			if (addr)
3678 				printf("%s: %lx\n", tmp, addr);
3679 			else
3680 				printf("Symbol '%s' not found.\n", tmp);
3681 			sync();
3682 		}
3683 		catch_memory_errors = 0;
3684 		termch = 0;
3685 		break;
3686 	case 'p':
3687 		getstring(tmp, 64);
3688 		if (setjmp(bus_error_jmp) == 0) {
3689 			catch_memory_errors = 1;
3690 			sync();
3691 			ptr = (void __percpu *)kallsyms_lookup_name(tmp);
3692 			sync();
3693 		}
3694 
3695 		if (ptr &&
3696 		    ptr >= (void __percpu *)__per_cpu_start &&
3697 		    ptr < (void __percpu *)__per_cpu_end)
3698 		{
3699 			if (scanhex(&cpu) && cpu < num_possible_cpus()) {
3700 				addr = (unsigned long)per_cpu_ptr(ptr, cpu);
3701 			} else {
3702 				cpu = raw_smp_processor_id();
3703 				addr = (unsigned long)this_cpu_ptr(ptr);
3704 			}
3705 
3706 			printf("%s for cpu 0x%lx: %lx\n", tmp, cpu, addr);
3707 		} else {
3708 			printf("Percpu symbol '%s' not found.\n", tmp);
3709 		}
3710 
3711 		catch_memory_errors = 0;
3712 		termch = 0;
3713 		break;
3714 	}
3715 }
3716 
3717 
3718 /* Print an address in numeric and symbolic form (if possible) */
3719 static void xmon_print_symbol(unsigned long address, const char *mid,
3720 			      const char *after)
3721 {
3722 	char *modname;
3723 	const char *volatile name = NULL;
3724 	unsigned long offset, size;
3725 
3726 	printf(REG, address);
3727 	if (setjmp(bus_error_jmp) == 0) {
3728 		catch_memory_errors = 1;
3729 		sync();
3730 		name = kallsyms_lookup(address, &size, &offset, &modname,
3731 				       tmpstr);
3732 		sync();
3733 		/* wait a little while to see if we get a machine check */
3734 		__delay(200);
3735 	}
3736 
3737 	catch_memory_errors = 0;
3738 
3739 	if (name) {
3740 		printf("%s%s+%#lx/%#lx", mid, name, offset, size);
3741 		if (modname)
3742 			printf(" [%s]", modname);
3743 	}
3744 	printf("%s", after);
3745 }
3746 
3747 #ifdef CONFIG_PPC_64S_HASH_MMU
3748 void dump_segments(void)
3749 {
3750 	int i;
3751 	unsigned long esid,vsid;
3752 	unsigned long llp;
3753 
3754 	printf("SLB contents of cpu 0x%x\n", smp_processor_id());
3755 
3756 	for (i = 0; i < mmu_slb_size; i++) {
3757 		asm volatile("slbmfee  %0,%1" : "=r" (esid) : "r" (i));
3758 		asm volatile("slbmfev  %0,%1" : "=r" (vsid) : "r" (i));
3759 
3760 		if (!esid && !vsid)
3761 			continue;
3762 
3763 		printf("%02d %016lx %016lx", i, esid, vsid);
3764 
3765 		if (!(esid & SLB_ESID_V)) {
3766 			printf("\n");
3767 			continue;
3768 		}
3769 
3770 		llp = vsid & SLB_VSID_LLP;
3771 		if (vsid & SLB_VSID_B_1T) {
3772 			printf("  1T  ESID=%9lx  VSID=%13lx LLP:%3lx \n",
3773 				GET_ESID_1T(esid),
3774 				(vsid & ~SLB_VSID_B) >> SLB_VSID_SHIFT_1T,
3775 				llp);
3776 		} else {
3777 			printf(" 256M ESID=%9lx  VSID=%13lx LLP:%3lx \n",
3778 				GET_ESID(esid),
3779 				(vsid & ~SLB_VSID_B) >> SLB_VSID_SHIFT,
3780 				llp);
3781 		}
3782 	}
3783 }
3784 #endif
3785 
3786 #ifdef CONFIG_PPC_BOOK3S_32
3787 void dump_segments(void)
3788 {
3789 	int i;
3790 
3791 	printf("sr0-15 =");
3792 	for (i = 0; i < 16; ++i)
3793 		printf(" %x", mfsr(i << 28));
3794 	printf("\n");
3795 }
3796 #endif
3797 
3798 #ifdef CONFIG_44x
3799 static void dump_tlb_44x(void)
3800 {
3801 	int i;
3802 
3803 	for (i = 0; i < PPC44x_TLB_SIZE; i++) {
3804 		unsigned long w0,w1,w2;
3805 		asm volatile("tlbre  %0,%1,0" : "=r" (w0) : "r" (i));
3806 		asm volatile("tlbre  %0,%1,1" : "=r" (w1) : "r" (i));
3807 		asm volatile("tlbre  %0,%1,2" : "=r" (w2) : "r" (i));
3808 		printf("[%02x] %08lx %08lx %08lx ", i, w0, w1, w2);
3809 		if (w0 & PPC44x_TLB_VALID) {
3810 			printf("V %08lx -> %01lx%08lx %c%c%c%c%c",
3811 			       w0 & PPC44x_TLB_EPN_MASK,
3812 			       w1 & PPC44x_TLB_ERPN_MASK,
3813 			       w1 & PPC44x_TLB_RPN_MASK,
3814 			       (w2 & PPC44x_TLB_W) ? 'W' : 'w',
3815 			       (w2 & PPC44x_TLB_I) ? 'I' : 'i',
3816 			       (w2 & PPC44x_TLB_M) ? 'M' : 'm',
3817 			       (w2 & PPC44x_TLB_G) ? 'G' : 'g',
3818 			       (w2 & PPC44x_TLB_E) ? 'E' : 'e');
3819 		}
3820 		printf("\n");
3821 	}
3822 }
3823 #endif /* CONFIG_44x */
3824 
3825 #ifdef CONFIG_PPC_BOOK3E_64
3826 static void dump_tlb_book3e(void)
3827 {
3828 	u32 mmucfg, pidmask, lpidmask;
3829 	u64 ramask;
3830 	int i, tlb, ntlbs, pidsz, lpidsz, rasz, lrat = 0;
3831 	int mmu_version;
3832 	static const char *pgsz_names[] = {
3833 		"  1K",
3834 		"  2K",
3835 		"  4K",
3836 		"  8K",
3837 		" 16K",
3838 		" 32K",
3839 		" 64K",
3840 		"128K",
3841 		"256K",
3842 		"512K",
3843 		"  1M",
3844 		"  2M",
3845 		"  4M",
3846 		"  8M",
3847 		" 16M",
3848 		" 32M",
3849 		" 64M",
3850 		"128M",
3851 		"256M",
3852 		"512M",
3853 		"  1G",
3854 		"  2G",
3855 		"  4G",
3856 		"  8G",
3857 		" 16G",
3858 		" 32G",
3859 		" 64G",
3860 		"128G",
3861 		"256G",
3862 		"512G",
3863 		"  1T",
3864 		"  2T",
3865 	};
3866 
3867 	/* Gather some infos about the MMU */
3868 	mmucfg = mfspr(SPRN_MMUCFG);
3869 	mmu_version = (mmucfg & 3) + 1;
3870 	ntlbs = ((mmucfg >> 2) & 3) + 1;
3871 	pidsz = ((mmucfg >> 6) & 0x1f) + 1;
3872 	lpidsz = (mmucfg >> 24) & 0xf;
3873 	rasz = (mmucfg >> 16) & 0x7f;
3874 	if ((mmu_version > 1) && (mmucfg & 0x10000))
3875 		lrat = 1;
3876 	printf("Book3E MMU MAV=%d.0,%d TLBs,%d-bit PID,%d-bit LPID,%d-bit RA\n",
3877 	       mmu_version, ntlbs, pidsz, lpidsz, rasz);
3878 	pidmask = (1ul << pidsz) - 1;
3879 	lpidmask = (1ul << lpidsz) - 1;
3880 	ramask = (1ull << rasz) - 1;
3881 
3882 	for (tlb = 0; tlb < ntlbs; tlb++) {
3883 		u32 tlbcfg;
3884 		int nent, assoc, new_cc = 1;
3885 		printf("TLB %d:\n------\n", tlb);
3886 		switch(tlb) {
3887 		case 0:
3888 			tlbcfg = mfspr(SPRN_TLB0CFG);
3889 			break;
3890 		case 1:
3891 			tlbcfg = mfspr(SPRN_TLB1CFG);
3892 			break;
3893 		case 2:
3894 			tlbcfg = mfspr(SPRN_TLB2CFG);
3895 			break;
3896 		case 3:
3897 			tlbcfg = mfspr(SPRN_TLB3CFG);
3898 			break;
3899 		default:
3900 			printf("Unsupported TLB number !\n");
3901 			continue;
3902 		}
3903 		nent = tlbcfg & 0xfff;
3904 		assoc = (tlbcfg >> 24) & 0xff;
3905 		for (i = 0; i < nent; i++) {
3906 			u32 mas0 = MAS0_TLBSEL(tlb);
3907 			u32 mas1 = MAS1_TSIZE(BOOK3E_PAGESZ_4K);
3908 			u64 mas2 = 0;
3909 			u64 mas7_mas3;
3910 			int esel = i, cc = i;
3911 
3912 			if (assoc != 0) {
3913 				cc = i / assoc;
3914 				esel = i % assoc;
3915 				mas2 = cc * 0x1000;
3916 			}
3917 
3918 			mas0 |= MAS0_ESEL(esel);
3919 			mtspr(SPRN_MAS0, mas0);
3920 			mtspr(SPRN_MAS1, mas1);
3921 			mtspr(SPRN_MAS2, mas2);
3922 			asm volatile("tlbre  0,0,0" : : : "memory");
3923 			mas1 = mfspr(SPRN_MAS1);
3924 			mas2 = mfspr(SPRN_MAS2);
3925 			mas7_mas3 = mfspr(SPRN_MAS7_MAS3);
3926 			if (assoc && (i % assoc) == 0)
3927 				new_cc = 1;
3928 			if (!(mas1 & MAS1_VALID))
3929 				continue;
3930 			if (assoc == 0)
3931 				printf("%04x- ", i);
3932 			else if (new_cc)
3933 				printf("%04x-%c", cc, 'A' + esel);
3934 			else
3935 				printf("    |%c", 'A' + esel);
3936 			new_cc = 0;
3937 			printf(" %016llx %04x %s %c%c AS%c",
3938 			       mas2 & ~0x3ffull,
3939 			       (mas1 >> 16) & 0x3fff,
3940 			       pgsz_names[(mas1 >> 7) & 0x1f],
3941 			       mas1 & MAS1_IND ? 'I' : ' ',
3942 			       mas1 & MAS1_IPROT ? 'P' : ' ',
3943 			       mas1 & MAS1_TS ? '1' : '0');
3944 			printf(" %c%c%c%c%c%c%c",
3945 			       mas2 & MAS2_X0 ? 'a' : ' ',
3946 			       mas2 & MAS2_X1 ? 'v' : ' ',
3947 			       mas2 & MAS2_W  ? 'w' : ' ',
3948 			       mas2 & MAS2_I  ? 'i' : ' ',
3949 			       mas2 & MAS2_M  ? 'm' : ' ',
3950 			       mas2 & MAS2_G  ? 'g' : ' ',
3951 			       mas2 & MAS2_E  ? 'e' : ' ');
3952 			printf(" %016llx", mas7_mas3 & ramask & ~0x7ffull);
3953 			if (mas1 & MAS1_IND)
3954 				printf(" %s\n",
3955 				       pgsz_names[(mas7_mas3 >> 1) & 0x1f]);
3956 			else
3957 				printf(" U%c%c%c S%c%c%c\n",
3958 				       mas7_mas3 & MAS3_UX ? 'x' : ' ',
3959 				       mas7_mas3 & MAS3_UW ? 'w' : ' ',
3960 				       mas7_mas3 & MAS3_UR ? 'r' : ' ',
3961 				       mas7_mas3 & MAS3_SX ? 'x' : ' ',
3962 				       mas7_mas3 & MAS3_SW ? 'w' : ' ',
3963 				       mas7_mas3 & MAS3_SR ? 'r' : ' ');
3964 		}
3965 	}
3966 }
3967 #endif /* CONFIG_PPC_BOOK3E_64 */
3968 
3969 static void xmon_init(int enable)
3970 {
3971 	if (enable) {
3972 		__debugger = xmon;
3973 		__debugger_ipi = xmon_ipi;
3974 		__debugger_bpt = xmon_bpt;
3975 		__debugger_sstep = xmon_sstep;
3976 		__debugger_iabr_match = xmon_iabr_match;
3977 		__debugger_break_match = xmon_break_match;
3978 		__debugger_fault_handler = xmon_fault_handler;
3979 
3980 #ifdef CONFIG_PPC_PSERIES
3981 		/*
3982 		 * Get the token here to avoid trying to get a lock
3983 		 * during the crash, causing a deadlock.
3984 		 */
3985 		set_indicator_token = rtas_token("set-indicator");
3986 #endif
3987 	} else {
3988 		__debugger = NULL;
3989 		__debugger_ipi = NULL;
3990 		__debugger_bpt = NULL;
3991 		__debugger_sstep = NULL;
3992 		__debugger_iabr_match = NULL;
3993 		__debugger_break_match = NULL;
3994 		__debugger_fault_handler = NULL;
3995 	}
3996 }
3997 
3998 #ifdef CONFIG_MAGIC_SYSRQ
3999 static void sysrq_handle_xmon(int key)
4000 {
4001 	if (xmon_is_locked_down()) {
4002 		clear_all_bpt();
4003 		xmon_init(0);
4004 		return;
4005 	}
4006 	/* ensure xmon is enabled */
4007 	xmon_init(1);
4008 	debugger(get_irq_regs());
4009 	if (!xmon_on)
4010 		xmon_init(0);
4011 }
4012 
4013 static const struct sysrq_key_op sysrq_xmon_op = {
4014 	.handler =	sysrq_handle_xmon,
4015 	.help_msg =	"xmon(x)",
4016 	.action_msg =	"Entering xmon",
4017 };
4018 
4019 static int __init setup_xmon_sysrq(void)
4020 {
4021 	register_sysrq_key('x', &sysrq_xmon_op);
4022 	return 0;
4023 }
4024 device_initcall(setup_xmon_sysrq);
4025 #endif /* CONFIG_MAGIC_SYSRQ */
4026 
4027 static void clear_all_bpt(void)
4028 {
4029 	int i;
4030 
4031 	/* clear/unpatch all breakpoints */
4032 	remove_bpts();
4033 	remove_cpu_bpts();
4034 
4035 	/* Disable all breakpoints */
4036 	for (i = 0; i < NBPTS; ++i)
4037 		bpts[i].enabled = 0;
4038 
4039 	/* Clear any data or iabr breakpoints */
4040 	iabr = NULL;
4041 	for (i = 0; i < nr_wp_slots(); i++)
4042 		dabr[i].enabled = 0;
4043 }
4044 
4045 #ifdef CONFIG_DEBUG_FS
4046 static int xmon_dbgfs_set(void *data, u64 val)
4047 {
4048 	xmon_on = !!val;
4049 	xmon_init(xmon_on);
4050 
4051 	/* make sure all breakpoints removed when disabling */
4052 	if (!xmon_on) {
4053 		clear_all_bpt();
4054 		get_output_lock();
4055 		printf("xmon: All breakpoints cleared\n");
4056 		release_output_lock();
4057 	}
4058 
4059 	return 0;
4060 }
4061 
4062 static int xmon_dbgfs_get(void *data, u64 *val)
4063 {
4064 	*val = xmon_on;
4065 	return 0;
4066 }
4067 
4068 DEFINE_SIMPLE_ATTRIBUTE(xmon_dbgfs_ops, xmon_dbgfs_get,
4069 			xmon_dbgfs_set, "%llu\n");
4070 
4071 static int __init setup_xmon_dbgfs(void)
4072 {
4073 	debugfs_create_file("xmon", 0600, arch_debugfs_dir, NULL,
4074 			    &xmon_dbgfs_ops);
4075 	return 0;
4076 }
4077 device_initcall(setup_xmon_dbgfs);
4078 #endif /* CONFIG_DEBUG_FS */
4079 
4080 static int xmon_early __initdata;
4081 
4082 static int __init early_parse_xmon(char *p)
4083 {
4084 	if (xmon_is_locked_down()) {
4085 		xmon_init(0);
4086 		xmon_early = 0;
4087 		xmon_on = 0;
4088 	} else if (!p || strncmp(p, "early", 5) == 0) {
4089 		/* just "xmon" is equivalent to "xmon=early" */
4090 		xmon_init(1);
4091 		xmon_early = 1;
4092 		xmon_on = 1;
4093 	} else if (strncmp(p, "on", 2) == 0) {
4094 		xmon_init(1);
4095 		xmon_on = 1;
4096 	} else if (strncmp(p, "rw", 2) == 0) {
4097 		xmon_init(1);
4098 		xmon_on = 1;
4099 		xmon_is_ro = false;
4100 	} else if (strncmp(p, "ro", 2) == 0) {
4101 		xmon_init(1);
4102 		xmon_on = 1;
4103 		xmon_is_ro = true;
4104 	} else if (strncmp(p, "off", 3) == 0)
4105 		xmon_on = 0;
4106 	else
4107 		return 1;
4108 
4109 	return 0;
4110 }
4111 early_param("xmon", early_parse_xmon);
4112 
4113 void __init xmon_setup(void)
4114 {
4115 	if (xmon_on)
4116 		xmon_init(1);
4117 	if (xmon_early)
4118 		debugger(NULL);
4119 }
4120 
4121 #ifdef CONFIG_SPU_BASE
4122 
4123 struct spu_info {
4124 	struct spu *spu;
4125 	u64 saved_mfc_sr1_RW;
4126 	u32 saved_spu_runcntl_RW;
4127 	unsigned long dump_addr;
4128 	u8 stopped_ok;
4129 };
4130 
4131 #define XMON_NUM_SPUS	16	/* Enough for current hardware */
4132 
4133 static struct spu_info spu_info[XMON_NUM_SPUS];
4134 
4135 void __init xmon_register_spus(struct list_head *list)
4136 {
4137 	struct spu *spu;
4138 
4139 	list_for_each_entry(spu, list, full_list) {
4140 		if (spu->number >= XMON_NUM_SPUS) {
4141 			WARN_ON(1);
4142 			continue;
4143 		}
4144 
4145 		spu_info[spu->number].spu = spu;
4146 		spu_info[spu->number].stopped_ok = 0;
4147 		spu_info[spu->number].dump_addr = (unsigned long)
4148 				spu_info[spu->number].spu->local_store;
4149 	}
4150 }
4151 
4152 static void stop_spus(void)
4153 {
4154 	struct spu *spu;
4155 	volatile int i;
4156 	u64 tmp;
4157 
4158 	for (i = 0; i < XMON_NUM_SPUS; i++) {
4159 		if (!spu_info[i].spu)
4160 			continue;
4161 
4162 		if (setjmp(bus_error_jmp) == 0) {
4163 			catch_memory_errors = 1;
4164 			sync();
4165 
4166 			spu = spu_info[i].spu;
4167 
4168 			spu_info[i].saved_spu_runcntl_RW =
4169 				in_be32(&spu->problem->spu_runcntl_RW);
4170 
4171 			tmp = spu_mfc_sr1_get(spu);
4172 			spu_info[i].saved_mfc_sr1_RW = tmp;
4173 
4174 			tmp &= ~MFC_STATE1_MASTER_RUN_CONTROL_MASK;
4175 			spu_mfc_sr1_set(spu, tmp);
4176 
4177 			sync();
4178 			__delay(200);
4179 
4180 			spu_info[i].stopped_ok = 1;
4181 
4182 			printf("Stopped spu %.2d (was %s)\n", i,
4183 					spu_info[i].saved_spu_runcntl_RW ?
4184 					"running" : "stopped");
4185 		} else {
4186 			catch_memory_errors = 0;
4187 			printf("*** Error stopping spu %.2d\n", i);
4188 		}
4189 		catch_memory_errors = 0;
4190 	}
4191 }
4192 
4193 static void restart_spus(void)
4194 {
4195 	struct spu *spu;
4196 	volatile int i;
4197 
4198 	for (i = 0; i < XMON_NUM_SPUS; i++) {
4199 		if (!spu_info[i].spu)
4200 			continue;
4201 
4202 		if (!spu_info[i].stopped_ok) {
4203 			printf("*** Error, spu %d was not successfully stopped"
4204 					", not restarting\n", i);
4205 			continue;
4206 		}
4207 
4208 		if (setjmp(bus_error_jmp) == 0) {
4209 			catch_memory_errors = 1;
4210 			sync();
4211 
4212 			spu = spu_info[i].spu;
4213 			spu_mfc_sr1_set(spu, spu_info[i].saved_mfc_sr1_RW);
4214 			out_be32(&spu->problem->spu_runcntl_RW,
4215 					spu_info[i].saved_spu_runcntl_RW);
4216 
4217 			sync();
4218 			__delay(200);
4219 
4220 			printf("Restarted spu %.2d\n", i);
4221 		} else {
4222 			catch_memory_errors = 0;
4223 			printf("*** Error restarting spu %.2d\n", i);
4224 		}
4225 		catch_memory_errors = 0;
4226 	}
4227 }
4228 
4229 #define DUMP_WIDTH	23
4230 #define DUMP_VALUE(format, field, value)				\
4231 do {									\
4232 	if (setjmp(bus_error_jmp) == 0) {				\
4233 		catch_memory_errors = 1;				\
4234 		sync();							\
4235 		printf("  %-*s = "format"\n", DUMP_WIDTH,		\
4236 				#field, value);				\
4237 		sync();							\
4238 		__delay(200);						\
4239 	} else {							\
4240 		catch_memory_errors = 0;				\
4241 		printf("  %-*s = *** Error reading field.\n",		\
4242 					DUMP_WIDTH, #field);		\
4243 	}								\
4244 	catch_memory_errors = 0;					\
4245 } while (0)
4246 
4247 #define DUMP_FIELD(obj, format, field)	\
4248 	DUMP_VALUE(format, field, obj->field)
4249 
4250 static void dump_spu_fields(struct spu *spu)
4251 {
4252 	printf("Dumping spu fields at address %p:\n", spu);
4253 
4254 	DUMP_FIELD(spu, "0x%x", number);
4255 	DUMP_FIELD(spu, "%s", name);
4256 	DUMP_FIELD(spu, "0x%lx", local_store_phys);
4257 	DUMP_FIELD(spu, "0x%p", local_store);
4258 	DUMP_FIELD(spu, "0x%lx", ls_size);
4259 	DUMP_FIELD(spu, "0x%x", node);
4260 	DUMP_FIELD(spu, "0x%lx", flags);
4261 	DUMP_FIELD(spu, "%llu", class_0_pending);
4262 	DUMP_FIELD(spu, "0x%llx", class_0_dar);
4263 	DUMP_FIELD(spu, "0x%llx", class_1_dar);
4264 	DUMP_FIELD(spu, "0x%llx", class_1_dsisr);
4265 	DUMP_FIELD(spu, "0x%x", irqs[0]);
4266 	DUMP_FIELD(spu, "0x%x", irqs[1]);
4267 	DUMP_FIELD(spu, "0x%x", irqs[2]);
4268 	DUMP_FIELD(spu, "0x%x", slb_replace);
4269 	DUMP_FIELD(spu, "%d", pid);
4270 	DUMP_FIELD(spu, "0x%p", mm);
4271 	DUMP_FIELD(spu, "0x%p", ctx);
4272 	DUMP_FIELD(spu, "0x%p", rq);
4273 	DUMP_FIELD(spu, "0x%llx", timestamp);
4274 	DUMP_FIELD(spu, "0x%lx", problem_phys);
4275 	DUMP_FIELD(spu, "0x%p", problem);
4276 	DUMP_VALUE("0x%x", problem->spu_runcntl_RW,
4277 			in_be32(&spu->problem->spu_runcntl_RW));
4278 	DUMP_VALUE("0x%x", problem->spu_status_R,
4279 			in_be32(&spu->problem->spu_status_R));
4280 	DUMP_VALUE("0x%x", problem->spu_npc_RW,
4281 			in_be32(&spu->problem->spu_npc_RW));
4282 	DUMP_FIELD(spu, "0x%p", priv2);
4283 	DUMP_FIELD(spu, "0x%p", pdata);
4284 }
4285 
4286 static int spu_inst_dump(unsigned long adr, long count, int praddr)
4287 {
4288 	return generic_inst_dump(adr, count, praddr, print_insn_spu);
4289 }
4290 
4291 static void dump_spu_ls(unsigned long num, int subcmd)
4292 {
4293 	unsigned long offset, addr, ls_addr;
4294 
4295 	if (setjmp(bus_error_jmp) == 0) {
4296 		catch_memory_errors = 1;
4297 		sync();
4298 		ls_addr = (unsigned long)spu_info[num].spu->local_store;
4299 		sync();
4300 		__delay(200);
4301 	} else {
4302 		catch_memory_errors = 0;
4303 		printf("*** Error: accessing spu info for spu %ld\n", num);
4304 		return;
4305 	}
4306 	catch_memory_errors = 0;
4307 
4308 	if (scanhex(&offset))
4309 		addr = ls_addr + offset;
4310 	else
4311 		addr = spu_info[num].dump_addr;
4312 
4313 	if (addr >= ls_addr + LS_SIZE) {
4314 		printf("*** Error: address outside of local store\n");
4315 		return;
4316 	}
4317 
4318 	switch (subcmd) {
4319 	case 'i':
4320 		addr += spu_inst_dump(addr, 16, 1);
4321 		last_cmd = "sdi\n";
4322 		break;
4323 	default:
4324 		prdump(addr, 64);
4325 		addr += 64;
4326 		last_cmd = "sd\n";
4327 		break;
4328 	}
4329 
4330 	spu_info[num].dump_addr = addr;
4331 }
4332 
4333 static int do_spu_cmd(void)
4334 {
4335 	static unsigned long num = 0;
4336 	int cmd, subcmd = 0;
4337 
4338 	cmd = inchar();
4339 	switch (cmd) {
4340 	case 's':
4341 		stop_spus();
4342 		break;
4343 	case 'r':
4344 		restart_spus();
4345 		break;
4346 	case 'd':
4347 		subcmd = inchar();
4348 		if (isxdigit(subcmd) || subcmd == '\n')
4349 			termch = subcmd;
4350 		fallthrough;
4351 	case 'f':
4352 		scanhex(&num);
4353 		if (num >= XMON_NUM_SPUS || !spu_info[num].spu) {
4354 			printf("*** Error: invalid spu number\n");
4355 			return 0;
4356 		}
4357 
4358 		switch (cmd) {
4359 		case 'f':
4360 			dump_spu_fields(spu_info[num].spu);
4361 			break;
4362 		default:
4363 			dump_spu_ls(num, subcmd);
4364 			break;
4365 		}
4366 
4367 		break;
4368 	default:
4369 		return -1;
4370 	}
4371 
4372 	return 0;
4373 }
4374 #else /* ! CONFIG_SPU_BASE */
4375 static int do_spu_cmd(void)
4376 {
4377 	return -1;
4378 }
4379 #endif
4380